CVE-2024-1145

Name of the Vulnerable Software and Affected Versions Devklan's Alma Blog versions 2.1.10 and earlier

Description The issue allows a remote user to retrieve all valid users registered in the application by analyzing the request response. This could lead to information disclosure.

Recommendations For versions 2.1.10 and earlier, update to a version later than 2.1.10 to resolve the issue. As a temporary workaround, consider monitoring logs for unusual activity and restricting access to sensitive information until a patch is available.