10 matches found
CVE-2023-53951
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions...
CVE-2023-53951
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions...
CVE-2023-53951
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions...
CVE-2023-53951 Ever Gauzy v0.281.9 JWT Authentication Weakness via HMAC Secret
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions...
CVE-2023-53951
CVE-2023-53951 concerns Ever Gauzy v0.281.9, where a weak HMAC secret in the JWT authentication implementation allows forging tokens to authenticate with administrative permissions. The vulnerability is evidenced across multiple sources (including Red Hat, NVD/CNNVD-type records, CIRCL sightings,...
CVE-2023-53951 Ever Gauzy v0.281.9 JWT Authentication Weakness via HMAC Secret
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions...
EUVD-2025-204596
Ever Gauzy v0.281.9 contains a JWT authentication vulnerability that allows attackers to exploit weak HMAC secret key implementation. Attackers can leverage the exposed JWT token to authenticate and gain unauthorized access with administrative permissions...
Ever Gauzy Platform 数据伪造问题漏洞
Ever Gauzy Platform is an open source business management platform from Ever. A Data Forgery Issue vulnerability exists in Ever Gauzy Platform version v0.281.9, which stems from an improper implementation of JWT authentication that could lead to unauthorized access...
PT-2025-52522
Name of the Vulnerable Software and Affected Versions Ever Gauzy version 0.281.9 Description The software contains a JWT authentication issue due to a weak HMAC secret key implementation. This allows attackers to exploit the exposed JWT token to authenticate and gain unauthorized access,...
ever gauzy v0.281.9 - JWT weak HMAC secret Vulnerability
Exploit Title: ever gauzy v0.281.9 - JWT weak HMAC secret Author: nu11secur1ty Vendor: https://gauzy.co/ Software: https://github.com/ever-co/ever-gauzy/releases/tag/v0.281.9 Reference: https://portswigger.net/kb/issues/00200903jwt-weak-hmac-secret Description: It was, detected a JWT signed using...