Wso2 Email Otp Authenticator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Wso2 Email Otp Authenticator.
By the Year
In 2026 there have been 1 vulnerability in Wso2 Email Otp Authenticator with an average score of 5.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 5.30 |
It may take a day or so for new Email Otp Authenticator vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Wso2 Email Otp Authenticator Security Vulnerabilities
WSO2 Identity Server: OTP Account Lock State Bypass Allows Username Enumeration
CVE-2024-0391
5.3 - Medium
- May 11, 2026
The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid usernames can increase the risk of brute-force and social engineering attacks. Attackers can leverage this information to craft targeted phishing campaigns or other malicious activities aimed at tricking users into divulging sensitive data, potentially damaging the organization's reputation and leading to regulatory non-compliance and financial consequences.
Observable Response Discrepancy
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Wso2 Email Otp Authenticator or by Wso2? Click the Watch button to subscribe.
