CWE-203
Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
We have discovered 13,091 live websites that are affected by CWE-203.
CVEs
- Count - 8
CWE References
Website Distribution by Country
Number of websites using CWE-203 United States | 4,083 websites |
 Denmark | 1,387 websites |
 Germany | 1,048 websites |
 Canada | 671 websites |
 Argentina | 620 websites |
 France | 562 websites |
 Slovenia | 516 websites |
 GB | 458 websites |
 Spain | 321 websites |
 Netherlands | 307 websites |
Website Distribution by TLD
Number of websites using CWE-203| .com | 4,957 websites |
| .de | 779 websites |
| .org | 585 websites |
| .se | 375 websites |
| .nl | 375 websites |
| .ca | 360 websites |
| .dk | 321 websites |
| .co.uk | 310 websites |
| .it | 302 websites |
| .net | 299 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-203| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Aug, 2025 | CVE-2025-43751 | User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 ... | 72 |
| Aug, 2025 | CVE-2025-43739 | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 throu... | 72 |
| Aug, 2025 | CVE-2025-43743 | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 throu... | 72 |
| Jul, 2025 | CVE-2025-4302 | Stop User Enumeration < 1.7.3 - Protection Bypass | 11,542 |
| Jul, 2025 | CVE-2025-24391 | Possible user enumeration | 1 |
| Feb, 2024 | CVE-2024-26268 | User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versi... | 713 |
| Sep, 2022 | CVE-2022-36105 | User Enumeration via Response Timing in TYPO3 | 40 |
| Mar, 2017 | CVE-2016-9129 | Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible t... | 790 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-203| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Jul, 2025 | CVE-2025-4302 | Stop User Enumeration < 1.7.3 - Protection Bypass | 11,542 |
| Mar, 2017 | CVE-2016-9129 | Revive Adserver before 3.2.3 suffers from Information Exposure Through Discrepancy. It is possible t... | 790 |
| Feb, 2024 | CVE-2024-26268 | User enumeration vulnerability in Liferay Portal 7.2.0 through 7.4.3.26, and older unsupported versi... | 713 |
| Aug, 2025 | CVE-2025-43739 | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 throu... | 72 |
| Aug, 2025 | CVE-2025-43743 | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 throu... | 72 |
| Aug, 2025 | CVE-2025-43751 | User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 ... | 72 |
| Sep, 2022 | CVE-2022-36105 | User Enumeration via Response Timing in TYPO3 | 40 |
| Jul, 2025 | CVE-2025-24391 | Possible user enumeration | 1 |
Websites affected by CWE-203
Top websites that are affected by CWE-203. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *************.com | United States | *,*** | |
| ****.com | United States | *,*** | |
| ****.******.com | United States | *,*** | |
| *****.com | United States | *,*** | |
| *******.cz |  Czech Republic | *,*** | |
| ***********.ro |  Romania | **,*** | |
| ********************.com | United States | **,*** | |
| ******.com | United States | **,*** | |
| ******.com | United States | **,*** | |
| *********.scot | United States | **,*** |