Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1xNzJwLTR3NTYtaHg3aM4AAtkq

Hardcoded JWT Token in Lin CMS Spring Boot

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application.

Permalink: https://github.com/advisories/GHSA-q72p-4w56-hx7h
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xNzJwLTR3NTYtaHg3aM4AAtkq
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 2 years ago
Updated: over 1 year ago


CVSS Score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Percentage: 0.01858
EPSS Percentile: 0.88624

Identifiers: GHSA-q72p-4w56-hx7h, CVE-2022-32430
References: Repository: https://github.com/TaleLin/lin-cms-spring-boot
Blast Radius: 3.6

Affected Packages

maven:io.github.talelin:lin-cms-core
Dependent packages: 1
Dependent repositories: 3
Downloads:
Affected Version Ranges: <= 0.2.1
No known fixed version
All affected versions: