VYPR
Medium severity5.3NVD Advisory· Published Mar 12, 2023· Updated Jun 17, 2026

CVE-2021-46876

CVE-2021-46876

Description

An issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existence.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
ezsystems/ezpublish-kernelPackagist
>= 6.13.0, < 6.13.8.16.13.8.1
ezsystems/ezpublish-kernelPackagist
>= 7.5.0, < 7.5.15.17.5.15.1

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.