A security analyst notices that the web application returns different response times when a valid username is submitted versus an invalid one during login. Which type of vulnerability is likely being exploited?
Select one: