Pac4j is a simple yet powerful Java security engine. Used to authenticate users, obtain their profiles and manage authorization to protect Web applications and Web services.Pac4j has a data forgery problem vulnerability that stems from the product not using a valid algorithm when validating ID tokens, which can be exploited by attackers to bypass token authentication.
CPE | Name | Operator | Version |
---|---|---|---|
Pac4j Pac4j | le | 5.1 |