2 matches found
Exploit for Use of Hard-coded Credentials in Mariazevedo88 Travels-Java-Api
PoC Authentication Bypass MFA Really Simple Security WordPress...
CVE-2024-10920
CVE-2024-10920 affects travels-java-api (versions up to 5.0.1). The vulnerability exists in the JwtAuthenticationTokenFilter.doFilterInternal function of the JWT Secret Handler component, where a hard-coded cryptographic key is used. This enables remote exploitation with high attack complexity an...