exploitDog

GHSA-wwjc-h7f8-cqv5

Опубликовано: 24 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.1

Описание

Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a valid session ID and therefore impersonate a user to gain full access.

Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a valid session ID and therefore impersonate a user to gain full access.

Ссылки

EPSS

Процентиль: 32%

0.00125

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-613

Связанные уязвимости

CVE-2021-47663

CVSS3: 8.1

nvd

10 месяцев назад

Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a valid session ID and therefore impersonate a user to gain full access.

EPSS

Процентиль: 32%

0.00125

Низкий

8.1 High

CVSS3

CVE ID

Дефекты

CWE-613