CNNVD-202510-058 Information

CNNVD ID

CNNVD-202510-058

Related CVE

CVE-2025-59685

• CNNVD Published: 2025-10-01

Description (Chinese)

Kazaar是Kazaar公司的一个印刷营销执行平台。 Kazaar 1.25.12版本存在安全漏洞，该漏洞源于允许使用alg字段为none的JWT，可能导致身份验证绕过。

Description (English)

Kazaar is a printing and marketing implementation platform for Kazaar. There is a security loophole in the Kazaar 1.2.5.12 version, which stems from the fact that JWT, which allows for the use of the alg field as none, may result in the identification being bypassed.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Kazaar

Published

2025-10-01

Last Modified

2026-02-24

References

https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2025-59685 https://www.kazaar.com/