{"vulnerability": "CVE-2023-25403", "sightings": [{"uuid": "0ea42169-0ccf-4fff-a94c-8a2994676263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25403", "type": "seen", "source": "Telegram/fEj_zU4sWG6y15VSCk_laNIAxR1KDR9XtOkiRqQq1ZE8c02i", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "68cae819-8fd8-41bf-ab98-215a8211b917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25403", "type": "seen", "source": "https://t.me/cibsecurity/59417", "content": "\u203c CVE-2023-25403 \u203c\n\nCleverStupidDog yf-exam v 1.8.0 is vulnerable to Authentication Bypass. The program uses a fixed JWT key, and the stored key uses username format characters. Any user who logged in within 24 hours. A token can be forged with his username to bypass authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-04T02:35:43.000000Z"}]}