Unrated severityNVD Advisory· Published Sep 1, 2022· Updated Aug 3, 2024
CVE-2022-36672
CVE-2022-36672
Description
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config file. This vulnerability allows attackers to create a custom user session.
Affected products
1- Range: = 3.6.2
Patches
Vulnerability mechanics
References
1- www.mesec.cn/archives/296mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.