High severityNVD Advisory· Published Jul 25, 2019· Updated Aug 4, 2024
CVE-2019-13483
CVE-2019-13483
Description
Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signature of an Access Token before processing. This allows attackers to forge tokens and bypass authentication and authorization mechanisms.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
passport-sharepointnpm | < 0.4.0 | 0.4.0 |
Affected products
2- Auth0/Passport-SharePointdescription
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-45fh-g845-pj9wghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-13483ghsaADVISORY
- auth0.com/docs/security/bulletins/cve-2019-13483ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.