HIGH 7.5 Maven
Hardcoded JWT Token in Lin CMS Spring Boot
GHSA-q72p-4w56-hx7h · CVE-2022-32430
Published · Modified
Description
An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-32430
- PACKAGE https://github.com/TaleLin/lin-cms-spring-boot
- WEB https://github.com/TaleLin/lin-cms-spring-boot/blob/3fc25bd8c10c73db2e7230809b322127eac554e3/src/main/resources/application.yml#L43
- WEB https://web.archive.org/web/20220721190946/https://www.mesec.cn/archives/277
Ready to move
Start Securing
Free, no credit card | First findings in minutes