CVE-2023-40761 (yacht_listing_script)

User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.

attack brute cve enumeration found issue listing messages password password recovery recovery script user enumeration valid