| Max CVSS | 7.5 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-6873 | 7.5 |
The Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audience is not validated.
|
03-10-2019 - 00:03 | 04-04-2018 - 17:29 | |
| CVE-2018-6874 | 6.8 |
CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled.
|
15-05-2018 - 18:08 | 04-04-2018 - 17:29 |