User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the 'pda:username' parameter with 'soapaction GetUserQuestionAndAnswer' in '/WS/PDAWebService.asmx'.
GHSA-hr68-wphp-w2x5: User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an...
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304 allows unauthenticated attackers to determine user existence via the 'pda:username' parameter.