CVE-2019-14278

Name of the Vulnerable Software and Affected Versions Knowage versions prior to 6.1.2

Description The issue allows an unauthenticated user to enumerate valid usernames via the ChangePwdServlet page.

Recommendations For versions prior to 6.1.2, update to version 6.1.2 or later to resolve the issue.