Sync-In: >> Sync-In Server >> 1.10.1 Security Vulnerabilities
Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.2.0, the /api/auth/login endpoint contains a logic flaw that allows unauthenticated remote attackers to enumerate valid usernames by measuring the application's response time. This issue has been patched in version 2.2.0.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-05-08