xubowenW/JWTissues

Releases0

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-31579 ↗	Nov 2, 2023Thursday, 2 November 2023, 22:15	9.8 CRITICAL	—
Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the application via a crafted JWT token.
CVE-2023-31581 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	9.8 CRITICAL	—
Dromara Sureness before v1.0.8 was discovered to use a hardcoded key.