Closed
Description
The hard-coded JWT Secret in the source code allows remote attackers to gain administrator access in AgileConfig Server.
Details and POC have been emailed.
源代码中存在JWT key 硬编码,导致原有的登录限制可能被绕过,直接以管理员权限访问系统
详细信息和POC已发送至邮箱
Metadata
Assignees
Labels
No labels