EPSS
Percentile
76.7%
react-adal is vulnerable to authentication bypass. An attacker is able to bypass authentication using a malicious JWT token which would be treated as authentic due to an insecure validation on the nonce.
github.com/salvoravida/react-adal/pull/115