CVE-2025-10671 | youth-is-as-pale-as-poetry e-learning 1.0 JWT Token JwtUtils.java encryptSecret random values

A vulnerability was found in youth-is-as-pale-as-poetry e-learning 1.0. It has been classified as problematic. Impacted is the function encryptSecret of the file e-learning-masterexam-apisrcmainjavacomyfexamabilityshirojwtJwtUtils.java of the component JWT Token Handler. The manipulation leads to insufficiently random values.

This vulnerability is documented as CVE-2025-10671. The attack can be initiated remotely. Additionally, an exploit exists.