CVE-2022-35540 Information

Description

Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access.

Reference

https://github.com/dotnetcore/AgileConfig/issues/91