CVE-2025-27451

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined.

Description: The issue arises from the application's behavior of returning different error messages for failed login attempts, depending on whether the failure was due to an incorrect password or a non-existing username. This distinction allows an attacker to deduce existing usernames by analyzing the error messages received during login attempts.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.