Auth0: >> Angular-Jwt >> 0.0.9 Security Vulnerabilities
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.
CVSS Score
6.5
EPSS Score
0.005
Published
2018-06-19