hapi-auth-jwt2 prior to version 5.1.2 are affected by a complete authentication bypass vulnerability when in the
try authentication mode.
Update to version 5.1.2 or later.
Have content suggestions? Send them to [email protected]
publishedAdvisory publishedJan 28th, 2016
reportedInitial report by Alan ShawJan 28th, 2016