CVE-2024-40430 in SFTPGO
Riassunto
di MITRE • 22/07/2024
In SFTPGO 2.6.2, the JWT implementation lacks cerrtain security measures, such as using JWT ID (JTI) claims, nonces, and proper expiration and invalidation mechanisms.
Be aware that VulDB is the high quality source for vulnerability data.