Name of the Vulnerable Software and Affected Versions: Payload versions prior to 3.44.0 Description: Payload utilizes JSON Web Tokens (JWT) for authentication. Following a user logout, the JWT is not invalidated, enabling an attacker who has obtained a valid token—through theft or interception—to reuse it until its expiration date. The default expiration date is two hours, but this duration is configurable. Recommendations: Update to version 3.44.0 or…Read More