CVE-2025-35940 - ArchiverSpaApi JWT Signing Key Hard-Coded Vulnerability




CVE ID : CVE-2025-35940
Published : June 10, 2025, 9:15 p.m. | 1 hour, 28 minutes ago
Description : The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated remote attacker can generate and use a verifiable JWT token to access protected ArchiverSpaApi URL endpoints.
Severity: 8.1 | HIGH

Post a Comment

Please Select Embedded Mode To Show The Comment System.*

Previous Post Next Post