We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
https://github.com/ManyDesigns/Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT.
The issue will be patched in the upcoming 5.2.1 release.
If you have any questions or comments about this advisory:
intrigus-lgtm Analyst
Impact
https://github.com/ManyDesigns/Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens.
This allows forging a valid JWT.
Patches
The issue will be patched in the upcoming 5.2.1 release.
For more information
If you have any questions or comments about this advisory: