Filtered by vendor Panindex Project
Subscriptions
Filtered by product Panindex
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27583 | 1 Panindex Project | 1 Panindex | 2023-11-07 | 9.8 Critical |
| PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key `PanIndex` is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, one may change the JWT key in the source code before compiling the project. | ||||
Page 1 of 1.