Information Disclosure: Username Leakage in WorkforceROI Xpede 4.1
CVE-2002-0580 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.
Learn more about our User Device Pen Test.