Taier icon indicating copy to clipboard operation
Taier copied to clipboard
verified publisher icon DTStack

Taier存在JWT硬编码漏洞

Open hhyhgoboy opened this issue 1 year ago • 0 comments

Search before asking

  • [X] I had searched in the issues and found no similar question.

  • [X] I had searched my question on the internet but i didn't get any help.

  • [X] I had read the documentation: Taier doc but it didn't help me.

Description

Taier存在JWT硬编码漏洞。 由于开发者使用硬编码,导致攻击者可以伪造jwt token实现权限绕过随意访问后台数据。 修复建议 使用随机数生成新的密钥 如何修复

Code of Conduct

hhyhgoboy avatar Jun 07 '24 07:06 hhyhgoboy