Horde Groupware v5.2.22 has a user enumeration vulnerability that allows an unauthenticated attacker to determine the existence of valid accounts on the system. To exploit the vulnerability, an HTTP request must be sent to ‘/imp/attachment.php’ including the parameters ‘id’ and ‘u’. If the specified user exists, the server will return the download of an empty file; if it does not exist, no download will be initiated, which unequivocally reveals the validity of the user.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/41xxx/CVE-2025-41066.json",
"cwe_ids": [
"CWE-200"
],
"unresolved_ranges": [
{
"extracted_events": [
{
"introduced": "5.2.22"
},
{
"last_affected": "5.2.22"
}
],
"source": "AFFECTED_FIELD"
}
],
"cna_assigner": "INCIBE"
}