2025-04-24 09:25:23
CERTVDE
PUBLISHED
Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a valid session ID and therefore impersonate a user to gain full access.