Описание
The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack.
EPSS
Процентиль: 25%
0.00086
Низкий
7.1 High
CVSS3
Дефекты
CWE-331
Связанные уязвимости
CVSS3: 7.1
github
2 месяца назад
The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, which makes it extremely easy to crack.
EPSS
Процентиль: 25%
0.00086
Низкий
7.1 High
CVSS3
Дефекты
CWE-331