CVE-2024-10920 | mariazevedo88 travels-java-api up to 5.0.1 JWT Secret JwtAuthenticationTokenFilter.java doFilterInternal hard-coded key

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-mastersrcmainjavaiogithubmariazevedo88travelsjavaapifiltersJwtAuthenticationTokenFilter.java of the component JWT Secret Handler. The manipulation leads to use of hard-coded cryptographic key
.

This vulnerability is handled as CVE-2024-10920. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10920 | mariazevedo88 travels-java-api up to 5.0.1 JWT Secret JwtAuthenticationTokenFilter.java doFilterInternal hard-coded key

Related Posts

CVE-2024-27245 | Zoom Workplace Desktop App buffer overflow

CVE-2024-8793 | Store Exporter for WooCommerce Plugin up to 2.7.2.1 on WordPress cross site scripting

CVE-2024-45786 | Reedos Software Solutions Mutual Fund Distribution Product 2.0.1 API Endpoint authorization (CIVN-2024-0291)

CVE-2023-51553 | Foxit PDF Reader Bookmark out-of-bounds (ZDI-23-1867)