Wso2 Carbon Authenticator Library Emailotp
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Wso2 Carbon Authenticator Library Emailotp.
By the Year
In 2026 there have been 1 vulnerability in Wso2 Carbon Authenticator Library Emailotp with an average score of 5.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 5.30 |
It may take a day or so for new Wso2 Carbon Authenticator Library Emailotp vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Wso2 Carbon Authenticator Library Emailotp Security Vulnerabilities
WSO2 Identity Server: OTP Account Lock State Bypass Allows Username Enumeration
CVE-2024-0391
5.3 - Medium
- May 11, 2026
The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid usernames can increase the risk of brute-force and social engineering attacks. Attackers can leverage this information to craft targeted phishing campaigns or other malicious activities aimed at tricking users into divulging sensitive data, potentially damaging the organization's reputation and leading to regulatory non-compliance and financial consequences.
Observable Response Discrepancy
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Wso2 Carbon Authenticator Library Emailotp or by Wso2? Click the Watch button to subscribe.
