9.2 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
37.6%
Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack.
balwurk.github.io/CVE-2023-27172/