VYPR
Medium severity5.3NVD Advisory· Published Jun 26, 2018· Updated Jun 17, 2026

CVE-2018-1000549

CVE-2018-1000549

Description

Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses.. This attack appear to be exploitable via HTTP Request.

Affected products

2
  • Wekan/Wekaninferred2 versions
    = 1.04.0+ 1 more
    • (no CPE)range: = 1.04.0
    • (no CPE)range: =1.04.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.