Maven package
org.wso2.carbon.identity.framework/org.wso2.carbon.identity.input.validation.mgt
pkg:maven/org.wso2.carbon.identity.framework/org.wso2.carbon.identity.input.validation.mgt
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-1396 | — | <= 7.8.103 | — | Sep 26, 2025 | A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allo |
- CVE-2025-1396Sep 26, 2025affected <= 7.8.103
A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validate_username setting. This behavior allo