[MEDIUM] Mautic allows user name enumeration due to response time difference on password reset form

PKSA-s7ys-knkq-xqw6 CVE-2024-47057 GHSA-424x-cxvh-wq9p

Affected package: mautic/core

Affected version: >=6.0.0-alpha,<6.0.2|>=5.0.0-alpha,<5.2.6|>=1.0.0,<4.4.16

Reported by:
GitHub