CVE-2025-52101 Information
Jul 02, 2025
cve
Description
linjiashop <=0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT authentication attackers can bypass the authentication and retrieve the encrypted \password\ and \salt. The password can then be obtained through brute-force cracking.
Reference
https://gist.github.com/NSW111/33824ceb4d1b920671124f77abfe27e8 https://gitee.com/microapp/linjiashop
Related CNNVD
CNNVD-202507-087 (Published: 2025-07-01)
Share on: