Vulnerabilities > Auth0 > Angular JWT > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-19 | CVE-2018-11537 | Improper Input Validation vulnerability in Auth0 Angular-Jwt Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain. | 4.3 |