Auth0 Passport-SharePoint prior to 0.4.0 does not validate the JWT signature of an Access Token before processing. This allows malicious users to forge tokens and bypass authentication and authorization mechanisms.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
auth0 passport-sharepoint |