European Chemicals Agency IUCLID 6.x prior to 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing. The affected versions are 5.15.0 up to and including 6.27.5.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
echa.europa iuclid |