CVE-2025-3177

Name of the Vulnerable Software and Affected Versions FastCMS version 0.1.5

Description A critical issue affects the JWT Handler component, where the manipulation leads to the use of a hard-coded cryptographic key. The attack can be initiated remotely, with a rather high complexity, making exploitation difficult.

Recommendations For FastCMS version 0.1.5, consider disabling the JWT Handler component until a patch is available to prevent the use of the hard-coded cryptographic key. At the moment, there is no information about a newer version that contains a fix for this vulnerability.