CVE-2025-26485
A vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts
(in case of the usage of a wrong password or a non existent user). The difference in the
returned error messages could be used by attackers to understand whether a
certain user is registered in the Identity Manager.
This issue affects Life 1st: 1.5.2.14234.
(in case of the usage of a wrong password or a non existent user). The difference in the
returned error messages could be used by attackers to understand whether a
certain user is registered in the Identity Manager.
This issue affects Life 1st: 1.5.2.14234.
Vendor
-
Product
-
CWE
Yayın Tarihi
2025-03-19 16:15:31
Güncelleme
2025-07-02 15:15:25
Source Identifier
a6d3dc9e-0591-4a13-bce7-0f5b31ff6158
KEV Date Added
-