Unknown · Ichat Server · CVE-2022-31013
**Name of the Vulnerable Software and Affected Versions**
Chat Server versions 2.3.2 through 2.5.x
**Description**
The vulnerability is a bug in access token validation that results in authentication bypass. `this.authProvider.verifyAccessKey` is an async function, but the calling code does not use `await` to wait for the verification result. As a result, when the token is invalid the function still responds with success, and the failed verification surfaces only as an unhandled exception.
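The missing-`await` pattern described above, as an added JavaScript example that is not the project's own code: `authProvider` is a stand-in object, and the handler names, token strings and status codes are assumptions made for illustration. It shows why a `try`/`catch` around the un-awaited call never sees the rejection, next to the awaited form that does.

```javascript
// Added illustration: authProvider, the token values and the handler names are
// hypothetical stand-ins, not the project's code.
const VALID_TOKEN = 'constructed-valid-token';

const authProvider = {
  // Async verifier: resolves with the identity or rejects on a bad token.
  async verifyAccessKey(token) {
    if (token !== VALID_TOKEN) throw new Error('invalid access key');
    return { user: 'alice' };
  },
};

// Record rejections nobody handled (the symptom the advisory mentions).
const unhandled = [];
process.on('unhandledRejection', (err) => unhandled.push(err.message));

// Vulnerable pattern: the Promise is never awaited, so the rejection cannot
// reach this try/catch and the handler always reports success.
function authVulnerable(token) {
  try {
    const result = authProvider.verifyAccessKey(token); // a Promise, always truthy
    if (!result) return { status: 401 };
    return { status: 200 };
  } catch (err) {
    return { status: 401 };
  }
}

// Corrected pattern: await the verifier so a rejection becomes a 401.
async function authFixed(token) {
  try {
    const identity = await authProvider.verifyAccessKey(token);
    return { status: 200, user: identity.user };
  } catch (err) {
    return { status: 401 };
  }
}

async function demo() {
  const forged = 'constructed-forged-token';
  const vulnerable = authVulnerable(forged);
  const fixed = await authFixed(forged);
  const valid = await authFixed(VALID_TOKEN);
  await new Promise((resolve) => setTimeout(resolve, 0)); // let the rejection event fire
  return { vulnerable: vulnerable.status, fixed: fixed.status, valid: valid.status, unhandled };
}

demo().then((r) => console.log(r));
```

A success response paired with an unhandled-rejection entry in the server log is the signature to look for when checking whether a deployment still runs the un-awaited code path.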
**Recommendations**
For versions 2.3.2 through 2.5.x, update to version 2.6.0 to resolve the issue.
As a temporary workaround, consider modifying the `this.authProvider.verifyAccessKey` function to properly handle the async verification result until a patch is applied.