CVE-2024-28194 | Yooooomi your_spotify up to 1.7.x JSON Web Token hard-coded credentials (GHSA-gvcr-g265-j827)

Inserito da Angelo Barbosa | Mar 13, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Yooooomi your_spotify up to 1.7.x. This issue affects some unknown processing of the component JSON Web Token Handler. The manipulation leads to hard-coded credentials.

The identification of this vulnerability is CVE-2024-28194. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28194 | Yooooomi your_spotify up to 1.7.x JSON Web Token hard-coded credentials (GHSA-gvcr-g265-j827)

Post correlati

CVE-2024-32858 | Dell CPG BIOS prior 2.18.0 input validation (dsa-2024-124)

CVE-2024-32727 | Rometheme RomethemeForm for Elementor Plugin up to 1.1.2 on WordPress authorization

CVE-2024-35353 | Diño Physics School Assistant 2.3 Users.php id improper authorization

CVE-2023-35039 | Be Devious Web Development Password Reset with Code REST API Plugin up to 0.0.15 on WordPress excessive authentication