Vulnerability in Mycomplianceoffice Mco
CVE-2026-53908
MCO is vulnerable to User Enumeration through authentication-related functionalities. The application returns distinguishable responses for valid and invalid users during username reminder and password reset operations. An attacker can lev…
Affected products
- Mycomplianceoffice Mco — versions 25.3.3.1
Weakness classification (CWE)
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (product)