2 matches found
Session Fixation
github.com/KubeOperator/kubepi is vulnerable to Session Fixation. The vulnerability exists due to insufficient session expiration mechanisms in the library, allowing an attacker to hijack the legitimate user sessions...
Authentication Bypass
github.com/kubeoperator/kubepi is vulnerable to authentication bypass. The vulnerability exists due to the use of hard coded Jwtsigkeys which allows an attacker to read the values and and use them to arbitrarily forge Jwtsigkeys...