@valtimo/components is vulnerable to JWT Exposure. The vulnerability is due to a misconfiguration of the Form.io component, which exposes the user's access token (JWT) to api.form.io via the x-jwt-token header, allowing attackers to retrieve personal information or execute requests to the Valtimo REST API on behalf of the logged-in…Read More