← Zuruck zu CVEs
CVE-2018-11537
N/ABeschreibung
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht6/19/2018
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
auth0:angular-jwt
Schwachen (CWE)
CWE-20
Referenzen
https://auth0.com/docs/security/bulletins/cve-2018-11537(cve@mitre.org)
https://auth0.com/docs/security/bulletins/cve-2018-11537(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.