VYPR
Unrated severityNVD Advisory· Published Dec 10, 2025· Updated Dec 11, 2025

SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration via Login Script

CVE-2020-36888

Description

SpinetiX Fusion Digital Signage 3.4.8 contains a username enumeration vulnerability in its login script that allows attackers to identify valid user accounts. Attackers can send crafted login requests with different usernames to distinguish between existing and non-existing accounts by analyzing the server's error responses.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.

CVE-2020-36888 · VYPR