Username Enumeration Vulnerability

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.

Learn more about our User Device Pen Test.