Admin login page reveals user account - no anti-bruteforce
State Resolved (Closed)
Disclosed publicly 2018-08-10T23:12:03.604Z
Reported To
Weakness Brute Force
Bounty
Collapse

Summary by wiardvanrij

A login page's text upon a failed login could have been used to determine valid user names. The text was adjusted to avoid this.

Timeline
submitted a report to Razer US .
2018-04-05T21:49:15.987Z

Regards,
Frans

  • 0 attachments:
thefrog Activities::BugTriaged
2018-04-07T11:10:15.485Z


wiardvanrij Activities::Comment
2018-04-07T14:44:33.129Z


carlos44 Activities::BugResolved
2018-04-16T07:59:40.335Z


wiardvanrij Activities::AgreedOnGoingPublic
2018-08-10T19:09:21.821Z


tom_tanida Activities::AgreedOnGoingPublic
2018-08-10T23:12:03.514Z


tom_tanida Activities::ReportBecamePublic
2018-08-10T23:12:03.641Z