
Name of the Vulnerable Software and Affected Versions: versions prior to 2.3
Description: An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function validates the JWT but does not verify which signing algorithm was used. An attacker can use the ex:action parameter of the VerifyUserByThrustedService function to generate a session for any user.
Recommendations: Update to version 2.3 or later. As a temporary workaround, restrict use of the VerifyUserByThrustedService function until the update is applied. Avoid using the ex:action parameter until the issue is…
PT-2025-34858 · Unknown · Verifyuserbythrustedservice
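The algorithm check the description refers to, shown as an added example that is not the advisory's or the vendor's code: a minimal JWT verifier in Python with no external dependencies. Since the advisory publishes no code, the vulnerable function is a reconstruction of the flaw class it names: decode_param_vulnerable dispatches on the alg field of the token's own header, so a token whose header says none carries no signature and is accepted for any user; decode_param_fixed pins the algorithm the service signs with. The secret, the claim names (sub, action) and the token contents are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed demo secret; a real service loads its signing key from a key store.
SERVER_SECRET = b"demo-server-secret-not-a-real-key"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _hs256(signing_input: bytes, key: bytes) -> bytes:
    return hmac.new(key, signing_input, hashlib.sha256).digest()


def make_token(payload: dict, alg: str, key: bytes = b"") -> str:
    """Build a compact JWT; alg is 'HS256' (HMAC over header.payload) or 'none' (empty signature)."""
    header = {"alg": alg, "typ": "JWT"}
    signing_input = (
        _b64url_encode(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + _b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    )
    signature = _hs256(signing_input.encode(), key) if alg == "HS256" else b""
    return signing_input + "." + _b64url_encode(signature)


def _split(token: str):
    """Parse header, payload, signing input and raw signature; None if the token is malformed."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    head_b64, body_b64, sig_b64 = parts
    try:
        header = json.loads(_b64url_decode(head_b64))
        payload = json.loads(_b64url_decode(body_b64))
        signature = _b64url_decode(sig_b64)
    except ValueError:  # covers binascii.Error and JSONDecodeError
        return None
    return header, payload, (head_b64 + "." + body_b64).encode(), signature


def decode_param_vulnerable(token: str, key: bytes) -> Optional[dict]:
    """Hypothetical reconstruction of the flawed check: the verifier believes the token's own
    'alg' header. A token whose header says 'none' is accepted with no signature at all."""
    parsed = _split(token)
    if parsed is None:
        return None
    header, payload, signing_input, signature = parsed
    alg = header.get("alg")
    if alg == "none":
        return payload  # unsigned token trusted: anyone can mint a session
    if alg == "HS256" and hmac.compare_digest(_hs256(signing_input, key), signature):
        return payload
    return None


def decode_param_fixed(token: str, key: bytes, expected_alg: str = "HS256") -> Optional[dict]:
    """Hardened verifier: the algorithm is pinned server-side. The header's 'alg' must equal the
    pinned value and never selects the verification path, so 'none' cannot be negotiated."""
    parsed = _split(token)
    if parsed is None:
        return None
    header, payload, signing_input, signature = parsed
    if header.get("alg") != expected_alg:
        return None
    if expected_alg != "HS256":
        return None  # only HS256 is implemented in this demo
    if not hmac.compare_digest(_hs256(signing_input, key), signature):
        return None
    return payload


def forge_session_token(victim: str) -> str:
    """What an attacker submits for the user they want a session for: no key is needed."""
    return make_token({"sub": victim, "action": "login"}, alg="none")


if __name__ == "__main__":
    forged = forge_session_token("admin")
    legit = make_token({"sub": "alice", "action": "login"}, "HS256", SERVER_SECRET)
    print("vulnerable, forged :", decode_param_vulnerable(forged, SERVER_SECRET))
    print("fixed, forged      :", decode_param_fixed(forged, SERVER_SECRET))
    print("fixed, legitimate  :", decode_param_fixed(legit, SERVER_SECRET))
```

The practitioner's check is the second branch of decode_param_fixed: the accepted algorithm comes from server configuration, and the header value is compared against it rather than used to choose a verification routine. Library verifiers expose the same control as an explicit allow-list of algorithms; leaving it unset is the configuration that reproduces the flaw described above.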

