CNNVD-202512-3785 Information
Dec 19, 2025
cve
CNNVD ID
CNNVD-202512-3785
Related CVE
- CNNVD Published: 2025-12-19
Description (Chinese)
Ever Gauzy Platform是Ever开源的一个开放式业务管理平台。 Ever Gauzy Platform v0.281.9版本存在数据伪造问题漏洞,该漏洞源于JWT认证实现不当,可能导致未经授权的访问。
Description (English)
Ever Gauzy Platform is an open operating management platform for Ever ’ s open source. Version Ever Gauzy Platform v.281.9 contains a loophole in data forgery, which stems from the improper implementation of JWT certification and may lead to unauthorized access.
Hazard Level
Low
Vulnerability Type
数据伪造问题
Affected Vendor
Ever
Published
2025-12-19
Last Modified
2026-02-24
References
https://github.com/ever-co/ever-gauzy https://www.vulncheck.com/advisories/ever-gauzy-jwt-authentication-weakness-via-hmac-secret https://www.exploit-db.com/exploits/51354 https://access.redhat.com/security/cve/cve-2023-53951
Patch
https://github.com/ever-co/ever-gauzy/releases
Share on: