Lcobucci jwt 数据伪造问题漏洞

Jwt is a simple library that uses Json Web Token and Json Web Signature. Lcobucci jwt is vulnerable to a data forgery issue that stems from a failure to validate data in the product based on the hmac algorithm using a file path as a hash key to validate the token. An attacker could initiate a...