CVE-2022-32425 Information

Description

The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server’s response time.

Reference

https://github.com/hay-kot/mealie/issues/1336