[MEDIUM] SS-2017-005: User enumeration via timing attack on login and password reset forms

PKSA-95gt-f8d7-9gcg GHSA-g4hp-pfvf-vm5w

Affected package: silverstripe/framework

Affected version: >=3.5.0,<3.5.5|>=3.6.0,<3.6.2

Reported by:
GitHub, FriendsOfPHP/security-advisories