CVE-2025-49001 – DataEase JWT Token Forgery Vulnerability

CVE ID : CVE-2025-49001

Published : June 3, 2025, 9:15 p.m. | 1 hour, 15 minutes ago

Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a JWT token. The vulnerability has been fixed in v2.10.10. No known workarounds are available.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

CVE-2025-48493 – “Redis AUTH Credentials Exposed in Yii Logs”

CVE-2025-49009 – Facebook Para Facebook Auth Token Information Disclosure

CVE-2025-5668 – PHPGurukul Medical Card Generation System SQL Injection Vulnerability

CVE-2025-5669 – PHPGurukul Medical Card Generation System SQL Injection