JWT.php in F21 JWT before 2.0 allows remote attackers to bypass signature verification via crafted tokens.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected