Withdrawn: SFTPGo's JWT implmentation lacks certain security measures
Withdrawn: The attack vector described in the backing report required that an attacker gain access to a user's session cookie. By gaining access to the session cookie the attacker is for all intents and purposes the valid user and any access to user data would be expected. In SFTPGo 2.6.2, the JW...