CVE/patches/CVE-2026-44720.md
2026-05-08 13:15:38 +05:30


CVE-2026-44720 — Authentication Bypass via JWT Signature Verification Disabled (OpenLearnX)

Severity: Moderate
CWE: CWE-287, CWE-347

Summary

An authentication bypass vulnerability in OpenLearnX allowed attackers to forge JWT tokens when signature verification was disabled in certain authentication flows.

Impact

  • Unauthorized account access
  • Account takeover under affected configurations
  • Authentication bypass using crafted JWT tokens

Affected

< 2.0.3

Fixed

>= 2.0.3
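
The flaw class named in the Summary (claims accepted without a signature check) beside a verifying decoder, as an added example that is not OpenLearnX code or its 2.0.3 fix. It assumes HS256 tokens with a shared key; every function name, the key and the sample tokens are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

def b64d(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_hs256(claims: dict, key: bytes) -> str:
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def decode_unverified(token: str) -> dict:
    # Flaw class (CWE-347): claims are trusted without checking the signature.
    return json.loads(b64d(token.split(".")[1]))

def decode_verified(token: str, key: bytes, now=None) -> dict:
    # Hardened: fixed algorithm, constant-time MAC check, then expiry check.
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64d(head))
        given = b64d(sig)
    except (ValueError, TypeError) as exc:
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # never take the algorithm from the token
    want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, given):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))  # parsed only after the MAC checks out
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")  # a missing exp is treated as expired
    return claims

# Constructed sample data: a demo key, a valid token, and a copy whose
# payload was swapped while the original signature was kept.
KEY = b"constructed-demo-key"
GOOD = sign_hs256({"sub": "alice", "exp": 4102444800}, KEY)
h, b, s = GOOD.split(".")
TAMPERED = f"{h}.{b64e(json.dumps({'sub': 'admin', 'exp': 4102444800}).encode())}.{s}"
```

A regression test for this bug class should feed the tampered token through every authentication flow and require a rejection from each one.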

References

Credits

Finder: krrazee
Remediation Developer: 0x5t4l1n