| عنوان | https://github.com/getmaxun https://github.com/getmaxun/maxun ≤ v0.0.28 Authentication Bypass by Primary Weakness |
|---|
| الوصف | Maxun has a default JWT encryption key, and the key value is the open-source default value in the official deployment tutorial. This has also been verified in their cloud service. Once an attacker knows this authentication key, they can forge the identity credentials of all users and thus take over the backend. |
|---|
| المصدر | ⚠️ https://gist.github.com/H2u8s/40be31987e52fc81076b6bfcfbdf3cd6 |
|---|
| المستخدم | 28Hus (UID 92415) |
|---|
| ارسال | 09/12/2025 03:22 PM (6 أشهر منذ) |
|---|
| الاعتدال | 26/12/2025 07:11 PM (17 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 338476 [getmaxun حتى 0.0.28 auth.ts api_key تشفير ضعيف] |
|---|
| النقاط | 17 |
|---|