CVE-2023-31579
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS
Description
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token.
GitHub[灯灯]微服务中后台快速开发平台,支持jdk21、jdk17、jdk8,专注于多租户、开放平台解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
GitHub