Open hhyhgoboy opened 3 months ago
[X] I had searched in the issues and found no similar question.
[X] I had searched my question on the internet but i didn't get any help.
[X] I had read the documentation: Taier doc but it didn't help me.
Taier存在JWT硬编码漏洞。 由于开发者使用硬编码,导致攻击者可以伪造jwt token实现权限绕过随意访问后台数据。 修复建议 使用随机数生成新的密钥 如何修复
Search before asking
[X] I had searched in the issues and found no similar question.
[X] I had searched my question on the internet but i didn't get any help.
[X] I had read the documentation: Taier doc but it didn't help me.
Description
Taier存在JWT硬编码漏洞。 由于开发者使用硬编码,导致攻击者可以伪造jwt token实现权限绕过随意访问后台数据。 修复建议 使用随机数生成新的密钥 如何修复
Code of Conduct