Vulnerability in Intellichoice Eforce Software Suite
CVE-2021-47717
IntelliChoice eFORCE Software Suite 2.5.9 contains a username enumeration vulnerability that allows attackers to enumerate valid users by exploiting the 'ctl00$MainContent$UserName' POST parameter. Attackers can send requests with valid us…
EPSS: 0.003 (21.7th percentile) — read the EPSS interpretation.
Affected products
- Intellichoice Eforce Software Suite — versions 2.5.9.6
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)
- disclosure@vulncheck.com (third-party-advisory)