Pac4J-Jwt · CVE-2026-29000
**Name of the Vulnerable Software and Affected Versions**
pac4j-jwt versions prior to 4.5.9
pac4j-jwt versions prior to 5.7.9
pac4j-jwt versions prior to 6.3.3
**Description**
An authentication bypass exists in the `JwtAuthenticator` component when it processes encrypted JSON Web Tokens (JWTs). A remote attacker who possesses the server's RSA public key can forge an authentication token by creating a JWE-wrapped PlainJWT (an unsigned JWT) containing arbitrary subject and role claims. Because the library improperly handles such tokens, the signature verification step is skipped, and the attacker can impersonate any user, including administrators.
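The defensive rule that closes this class of bug is simple to state: decrypting a JWE proves nothing about who created it (anyone with the public key can encrypt), so authenticity has to come from a signed JWT inside the JWE, and an unsigned PlainJWT inside the JWE must be rejected outright. The following is an added example illustrating that rule; it is not code from pac4j or from this advisory. It assumes the Nimbus JOSE+JWT library (which pac4j-jwt builds on) and a single RSA key pair used for both signing and encryption for brevity; the class name `StrictJweValidator` and the keys and claims in `main` are constructed for the demo.

```java
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.RSADecrypter;
import com.nimbusds.jose.crypto.RSAEncrypter;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.PlainJWT;
import com.nimbusds.jwt.SignedJWT;

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.List;

/**
 * Hypothetical validator (not pac4j code) for tokens that are signed and then
 * encrypted (JWS inside JWE). After decryption the inner payload must be a
 * SignedJWT whose signature verifies; a PlainJWT (alg "none") inside the JWE
 * is refused, which is exactly the failure mode the advisory describes.
 */
public class StrictJweValidator {

    private final RSAPrivateKey decryptionKey; // server's private key (JWE recipient)
    private final RSAPublicKey signatureKey;   // issuer's public key for the inner JWS

    public StrictJweValidator(RSAPrivateKey decryptionKey, RSAPublicKey signatureKey) {
        this.decryptionKey = decryptionKey;
        this.signatureKey = signatureKey;
    }

    /** Returns verified claims, or throws if the JWE does not wrap a properly signed JWT. */
    public JWTClaimsSet validate(String token) throws Exception {
        JWEObject jwe = JWEObject.parse(token);
        jwe.decrypt(new RSADecrypter(decryptionKey));

        // Decryption only shows the sender knew the PUBLIC key. Authenticity must
        // come from the inner signature, so anything that is not a SignedJWT is rejected.
        Payload payload = jwe.getPayload();
        SignedJWT inner = payload.toSignedJWT(); // null for PlainJWT or non-JWS content
        if (inner == null) {
            throw new JOSEException("encrypted payload is not a signed JWT; rejecting");
        }
        // Pin the expected JWS algorithm so a forged header cannot downgrade verification.
        if (!JWSAlgorithm.RS256.equals(inner.getHeader().getAlgorithm())) {
            throw new JOSEException("unexpected inner JWS algorithm: " + inner.getHeader().getAlgorithm());
        }
        if (!inner.verify(new RSASSAVerifier(signatureKey))) {
            throw new JOSEException("inner JWS signature verification failed");
        }
        return inner.getJWTClaimsSet();
    }

    // Demo with constructed keys and tokens (none of these values come from the advisory).
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // one pair for both signing and encryption, for brevity
        RSAPublicKey pub = (RSAPublicKey) kp.getPublic();
        RSAPrivateKey priv = (RSAPrivateKey) kp.getPrivate();

        JWTClaimsSet claims = new JWTClaimsSet.Builder()
                .subject("alice").claim("roles", List.of("user")).build();
        JWEHeader jweHeader = new JWEHeader.Builder(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A256GCM)
                .contentType("JWT").build();

        // Legitimate token: sign with the private key, then encrypt to the public key.
        SignedJWT signed = new SignedJWT(new JWSHeader(JWSAlgorithm.RS256), claims);
        signed.sign(new RSASSASigner(priv));
        JWEObject good = new JWEObject(jweHeader, new Payload(signed));
        good.encrypt(new RSAEncrypter(pub));

        // Regression case from the advisory: an unsigned PlainJWT wrapped in a JWE
        // using only the public key. A correct validator must reject this.
        JWEObject unsignedInner = new JWEObject(jweHeader, new Payload(new PlainJWT(claims).serialize()));
        unsignedInner.encrypt(new RSAEncrypter(pub));

        StrictJweValidator v = new StrictJweValidator(priv, pub);
        System.out.println("signed-then-encrypted accepted, sub=" + v.validate(good.serialize()).getSubject());
        try {
            v.validate(unsignedInner.serialize());
            System.out.println("BUG: unsigned inner token accepted");
        } catch (JOSEException e) {
            System.out.println("unsigned inner token rejected: " + e.getMessage());
        }
    }
}
```

In a real deployment the JWS verification key belongs to the token issuer and is distinct from the server's JWE decryption key; the shared key pair here only keeps the demo short. The check that matters is the `toSignedJWT()` null test followed by algorithm pinning and `verify()`: a validator that treats "decrypted successfully" as "authenticated" is the pattern this CVE exploits.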
**Recommendations**
Update pac4j-jwt to version 4.5.9 or later.
Update pac4j-jwt to version 5.7.9 or later.
Update pac4j-jwt to version 6.3.3 or later.