
Nsw111

#25614 of 53,635
9.8 Total CVSS
Vulnerabilities · 1
PT-2025-27578
9.8
2025-07-01
Unknown · Linjiashop · CVE-2025-52101
Name of the Vulnerable Software and Affected Versions: Linjiashop versions <=0.9

Description: The issue concerns Incorrect Access Control. When using the default-generated JWT authentication, attackers can bypass the authentication and retrieve the encrypted `password` and `salt`. The password can then be obtained through brute-force cracking.

Recommendations: For Linjiashop versions <=0.9, as a temporary workaround, consider disabling the default-generated JWT authentication until a patch is available. Restrict access to sensitive data, such as encrypted passwords and salts, to minimize the risk of exploitation. Update to a version that includes a fix for this issue when available.