[原文]login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Interact contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when login.php returns different error messages depending on if a valid username was supplied. This can be exploited to help enumerate valid usernames resulting in a loss of confidentiality.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.