{"vulnerability": "CVE-2020-26526", "sightings": [{"uuid": "998e0950-6896-43bc-bb77-6c4f36824e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-26526", "type": "seen", "source": "https://t.me/cibsecurity/15037", "content": "\u203c CVE-2020-26526 \u203c\n\nAn issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username is invalid than when the username is valid (\"Unable to find an APIDomain\" versus \"Wrong email or password\").\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-03T00:54:26.000000Z"}]}