Annotation tool: token forgery using jwt secret to claim super admin role

Although the annotator tool's source code is not directly provided in the repository a docker image is provided. From there it is easy to get access to the source code by either extracting the docker tar image, which can be exported from docker itself, or connecting to the container with an...