Vulnerability description for reporting available in VulnDB (GitHub)
Testing
- Identify APIs that have usernames as input (like the Forgot password functionality).
- Send the request to the Repeater module in Burp Suite.
- Compare server responses from valid usernames VS invalid usernames.
If the server responses or error messages are different, try automating the bruteforce with the Intruder module and a list of usernames.
Use a list of usernames obtain during the Reconnaissance phase – like a list of employees obtained from LinkedIn.