{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-48028","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","dateUpdated":"2025-09-29T13:47:45.687Z","dateReserved":"2023-11-13T00:00:00.000Z","datePublished":"2023-11-17T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2025-09-29T13:47:45.687Z"},"descriptions":[{"lang":"en","value":"kodbox 1.46.01 has a security flaw that enables user enumeration. This problem is present on the login page, where an attacker can identify valid users based on varying response messages, potentially paving the way for a brute force attack."}],"affected":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}],"references":[{"url":"https://gist.github.com/bugplorer/9ae8ad7a9f2a3053ebd07a1b7b54deae"},{"url":"https://nitipoom-jar.github.io/CVE-2023-48028/"},{"url":"https://nitipoom-jaroonchaipipat.github.io/security-research-portal/2023-48028"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"n/a"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T21:23:38.657Z"},"title":"CVE Program Container","references":[{"url":"https://gist.github.com/bugplorer/9ae8ad7a9f2a3053ebd07a1b7b54deae","tags":["x_transferred"]},{"url":"https://nitipoom-jar.github.io/CVE-2023-48028/","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-08-29T14:35:46.480621Z","id":"CVE-2023-48028","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-29T14:36:48.503Z"}}]},"dataVersion":"5.1"}