CVE-2021-45890
AuthGuard (before v0.9.0) is vulnerable due to a flaw in basic/BasicAuthProvider.java that allows authentication via an inactive identifier. The issue enables bypassing identity checks within the authentication flow, effectively permitting login even when the identifier should be inactive. This v...