Dromara Lamp-Cloud before v3.8.1 exists to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows malicious users to authenticate to the application via a crafted JWT token.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tangyh lamp-cloud |