Dispatch.cgi/_user/uservCard/ in SiteScape Forum 7.2 and possibly earlier generates different responses in a way that allows remote attackers to enumerate valid usernames.
https://exchange.xforce.ibmcloud.com/vulnerabilities/26672
http://www.uniras.gov.uk/niscc/docs/br-20060525-00374.html?lang=en