CVE ID : CVE-2025-26485

Published : March 19, 2025, 4:15 p.m. | 1 hour, 14 minutes ago

Description : The Exposure of Sensitive Information to an Unauthorized Actor
vulnerability impacting Beta80 Life 1st Identity Manager allows User
Enumeration using Authentication Rest APIs. Affected: Life 1st version
1.5.2.14234. Different error messages are returned to failed authentication attempts
in case of the usage of a wrong password or a non existent user.

This issue affects Life 1st: 1.5.2.14234.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…