PT-2020-15041 · Istio · Istio
Name of the Vulnerable Software and Affected Versions: Kiali versions 0.4.0 through 1.15.0 Description: The issue is related to insufficient JWT validation, allowing a remote attacker to steal a valid JWT cookie and use it to spoof a user session. This could potentially grant privileges to view a...