VYPR

npm package

angular-jwt

pkg:npm/angular-jwt

Vulnerabilities (1)

  • CVE-2018-11537MedJun 19, 2018
    affected < 0.1.10fixed 0.1.10

    Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.