An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account existence via a timing attack.
3.7CVSS
4AI Score
0.001EPSS
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled.
9.8CVSS
9.4AI Score
0.003EPSS