Zitadel · Zitadel · CVE-2026-23511
**Name of the Vulnerable Software and Affected Versions**
ZITADEL versions prior to 4.9.1
ZITADEL versions prior to 3.4.6
**Description**
ZITADEL is an open source identity management platform. A user enumeration issue exists in its login interfaces: an unauthenticated attacker can determine whether a user account exists by iterating through usernames and `userIDs`.
**Recommendations**
Update ZITADEL to version 4.9.1 or later.
Update ZITADEL to version 3.4.6 or later.