7 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.7%
Xpand IT Write-back Manager v2.3.1 uses weak secret keys to sign JWT tokens. This allows attackers to easily obtain the secret key used to sign JWT tokens via a bruteforce attack.
balwurk.github.io/CVE-2023-27172/