CVE-2023-30458

Name of the Vulnerable Software and Affected Versions Medicine Tracker System version 1.0

Description A username enumeration issue was discovered in the login functionality, allowing a malicious user to guess a valid username due to a different response time from invalid usernames. When a valid username is entered, the response time increases depending on the length of the supplied password.

Recommendations For Medicine Tracker System version 1.0, consider implementing a rate-limiting mechanism or a constant response time to prevent username enumeration. Additionally, restrict access to the login functionality to minimize the risk of exploitation.