Vulnerabilities > Auth0 > Angular JWT > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-19 CVE-2018-11537 Improper Input Validation vulnerability in Auth0 Angular-Jwt
Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.
network
auth0 CWE-20
4.3