Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-1000125 PoC — inversoft prime-jwt 输入验证错误漏洞

Source
https://github.com/andikahilmy/CVE-2018-1000125-prime-jwt-vulnerable
Associated Vulnerability
Title:inversoft prime-jwt 输入验证错误漏洞 (CVE-2018-1000125)
Description:inversoft prime-jwt是一个开源的基于Java 8的JWT库。 inversoft prime-jwt 1.3.0之前的版本和commit 0d94dcef0133d699f21d217e922564adbb83a227之前的版本中的JWTDecoder.decode存在输入验证错误漏洞。攻击者可借助特制令牌利用该漏洞使其对JWT进行解码和验证(即使没有有效的签名)。
File Snapshot

 None
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.