| Name | CVE-2022-32741 |
| Description | Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
NOT-FOR-US: OTRS
Issue is listed as specific to 7.x and 8.x, so won't affect Znuny which forked from 6.x