github.com/kubevela/kubevela is vulnerable to authentication bypass. The vulnerability exists in authentication.go
because the users are allowed use the platformID to re-generate the JWT tokens which allows an attacker to bypass the authentication.