Description
User enumeration vulnerability in /pwreset.php in osTicket v1.18.2 allows remote attackers to enumerate valid usernames registered in the platform.
Remediation
References
Related Vulnerabilities
Internet Information Services Improper Authentication Vulnerability (CVE-2009-1122)
WordPress Plugin FV Flowplayer Video Player Cross-Site Scripting (7.2.0.727)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4593)
Oracle Application Server CVE-2004-1368 Vulnerability (CVE-2004-1368)