Pac4J JWT 4.x < 4.5.9 / 5.x < 5.7.9 / 6.x < 6.3.3 Authentication Bypass
The version of Pac4J JWT installed on the remote host is affected by an authentication bypass vulnerability. - pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forg...