JWT authentication bypass via X-HTTP-Method-Override header
JWT authentication bypass via X-HTTP-Method-Override header
github.com JWT authentication bypass via `X-HTTP-Method-Override` header
## Summary ESPv2 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases. ## Ba...
0 comments