4 matches found
CVE-2026-28678
DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens JWTs were stored in HTTP cookies without cryptographic protection...
CVE-2026-28678
DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens JWTs were stored in HTTP cookies without cryptographic protection...
CVE-2026-28678 dsa-hub-server: Clear-Text Storage of Sensitive Data
DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens JWTs were stored in HTTP cookies without cryptographic protection...
PT-2026-23866
Name of the Vulnerable Software and Affected Versions DSA Study Hub versions prior to commit d527fba Description The user authentication system in the application’s server/routes/auth.js component had a flaw related to insufficiently protected credentials. Authentication tokens, specifically JWTs...