CVE/patches/CVE-2026-44720.md
2026-05-08 13:14:12 +05:30


CVE-2026-44720 — Authentication Bypass via JWT Signature Verification Disabled (OpenLearnX)

Severity: Moderate
CWE: CWE-287, CWE-347

Summary

An authentication bypass vulnerability in OpenLearnX allowed attackers to forge JWT tokens when signature verification was disabled in certain authentication flows.

Impact

  • Unauthorized account access
  • Account takeover under affected configurations
  • Authentication bypass using crafted JWT tokens

Affected

< 2.0.3

Fixed

= 2.0.3

References

Credits

Finder: krrazee
Remediation Developer: 0x5t4l1n