High severity7.5NVD Advisory· Published Mar 3, 2023· Updated Jun 17, 2026
CVE-2023-25403
CVE-2023-25403
Description
CleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed JWT key, and the stored key uses username format characters. Any user who logged in within 24 hours. A token can be forged with his username to bypass authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CleverStupidDog/yf-examdescription
- Range: = 1.8.0
Patches
Vulnerability mechanics
References
2- github.com/CleverStupidDog/yf-exam/issues/2nvdExploitIssue TrackingThird Party Advisory
- github.com/Fw-fW-fw/UPDATE-CVE/blob/main/CVE-2023-25403nvdThird Party Advisory
News mentions
0No linked articles in our index yet.