Mtons Mblog Information Exposure Vulnerability in Register Function

An information exposure vulnerability has been identified in Mtons Mblog versions through 3.5.0. The issue arises in an unknown function of the file '/register', where error messages inadvertently reveal whether a username already exists. This flaw allows for username enumeration and could be exploited to perform batch account registrations. The vulnerability can be exploited remotely, but the complexity of the attack is considered high.

Impact

Exploitation of this vulnerability leads to unauthorized information disclosure, specifically through error messages that reveal sensitive information about the application's user registration process.

Reproduction

To reproduce this vulnerability, access the '/register' endpoint of the Mtons Mblog application. The endpoint lacks CAPTCHA protection and rate limiting. Submit registration requests with various usernames. The response will indicate whether each username is available or already taken, allowing for enumeration of existing usernames. This process can be automated to facilitate batch account registration.