API Security Blog

Privilege Escalation

github.com/mosn/mosn is vulnerable to Privilege Escalation. When JWT authorization is used, the `prefixMatcher` function in `matcher.go` is case-sensitive to the prefix that the URL matches, which may result in authentication bypass.
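The kind of mismatch described above, as an added Go example that is not MOSN's own code: a hypothetical `prefixRule` compares prefixes byte-for-byte, and a folded variant shows the hardened comparison that a regression check can diff against. The rule, the sample paths and all helper names are constructed, and the folded form assumes the protected service treats paths case-insensitively.

```go
package main

import (
	"fmt"
	"strings"
)

// prefixRule is a hypothetical "require JWT under this prefix" rule (not MOSN's type).
type prefixRule struct{ prefix string }

// matchStrict compares bytes exactly: the case-sensitive behaviour the advisory describes.
func (r prefixRule) matchStrict(path string) bool {
	return strings.HasPrefix(path, r.prefix)
}

// matchFolded compares the prefix case-insensitively (hardened form; assumes ASCII
// paths and an upstream that treats paths case-insensitively).
func (r prefixRule) matchFolded(path string) bool {
	return len(path) >= len(r.prefix) && strings.EqualFold(path[:len(r.prefix)], r.prefix)
}

// requiresJWT reports whether any rule selects the path for JWT verification.
func requiresJWT(rules []prefixRule, path string, folded bool) bool {
	for _, r := range rules {
		if (folded && r.matchFolded(path)) || (!folded && r.matchStrict(path)) {
			return true
		}
	}
	return false
}

// uncovered lists the paths the strict matcher leaves unauthenticated
// although the folded matcher would protect them.
func uncovered(rules []prefixRule, paths []string) []string {
	var out []string
	for _, p := range paths {
		if !requiresJWT(rules, p, false) && requiresJWT(rules, p, true) {
			out = append(out, p)
		}
	}
	return out
}

func main() {
	rules := []prefixRule{{prefix: "/api/admin"}} // constructed rule
	paths := []string{"/api/admin/users", "/API/Admin/users", "/public/health"} // constructed
	fmt.Println(uncovered(rules, paths))
}
```

Running `uncovered` over the route table in a CI test flags any protected prefix whose case variants fall outside the JWT rule.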
