Inconsistent Response Length in PublicCMS V4.0.180825 Allows for Brute-Force Attacks
CVE-2018-17368 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
Learn more about our Cms Pen Testing.