2018-04-04 17:00:00
mitre
PUBLISHED
The Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audience is not validated.