Stephan Hauser

**Name of the Vulnerable Software and Affected Versions** angular-jwt versions prior to 0.1.10 **Description** The issue allows remote attackers with knowledge of the `jwtInterceptorProvider.whiteListedDomains` setting to bypass the domain allowlist filter via a crafted domain. This is because the `whiteListedDomains` entries are treated as regular expressions. For example, if the setting is initialized with `jwtInterceptorProvider.whiteListedDomains = ['whitelisted.Example.com'];`, an attacker can set up a domain `whitelistedXexample.com` that will pass the allow list filter, as it considers the `.` separator to be a regex wildcard which matches any character. **Recommendations** For versions prior to 0.1.10, update to version 0.1.10 or later to resolve the issue. As a temporary workaround, consider manually validating domains against the allowlist to prevent bypassing the filter. Restrict access to the `jwtInterceptorProvider.whiteListedDomains` setting to minimize the risk of exploitation. Avoid using the `whiteListedDomains` setting with untrusted input until the issue is resolved.