Security Advisory

CVE-2018-11537

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-19 19:00:00

Last updated 2024-08-05 08:10:14

Assigner mitre

State PUBLISHED

Description

Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.

← Browse all CVEs View on cve.org ↗