Formbricks Vulnerability: JWT Validation Failure Leads to Authentication Bypass

2025/09/29 16:23

A critical flaw in Formbricks highlights the dangers of improper JWT validation. Learn how missing signature verification led to potential account takeover.

Hold on to your hats, folks! In the ever-evolving world of cybersecurity, a new twist has emerged involving Formbricks, an open-source experience management platform. The buzz? A 'Formbricks vulnerability, JWT validation, authentication bypass' scenario that could make even the most seasoned security pro raise an eyebrow.

The JWT Jungle: A Validation Vacation

The heart of the matter lies in a critical security flaw, now identified as CVE-2025-59934, affecting Formbricks versions prior to 4.0.1. The culprit? Improper JWT (JSON Web Token) validation. Instead of using the robust jwt.verify(), the system was relying on the less secure jwt.decode(). Think of it like checking IDs at a bar, but only glancing at them instead of verifying their authenticity. Big no-no!

Security researcher mattinannt blew the whistle on this vulnerability, which has been classified as critical due to the potential for unauthorized access to user accounts. Formbricks has since patched things up with version 4.0.1, but those running older versions are still in the danger zone.

Decoding the Danger: How the Bypass Works

The vulnerability resides in the verifyToken function, located in /formbricks/apps/web/lib/jwt.ts. This function was merely decoding JWT tokens without performing essential security checks, like verifying digital signatures, token expiration, issuer validation, and audience verification. It's like giving anyone who walks in the door a free pass, as long as they look like they belong.

Both the email verification token login path and password reset functionality were relying on this flawed validator. Imagine the chaos! An attacker only needs to know a target's user ID (which follows a predictable format) to craft a malicious JWT. They can then use the "alg": "none" algorithm header, effectively creating unsigned tokens that the system happily accepts. Talk about an authentication bypass!

Password Reset Pandemonium

The password reset functionality was particularly vulnerable. The system would extract the user ID from the unverified JWT payload and directly update the user’s password in the database. An attacker could forge a password reset URL containing a crafted token and submit it with a new password, effectively taking over the account. This is not just a vulnerability; it’s an open invitation to digital mischief.

The Fix is In: Upgrade Now!

The good news is that Formbricks has addressed this issue in version 4.0.1. The fix implements proper JWT signature verification using jwt.verify(), ensuring that only cryptographically valid tokens can authenticate users. If you're using an older version, upgrade immediately. It's like finally hiring a bouncer who actually checks IDs.

My Two Cents: JWTs - Handle with Care!

This Formbricks vulnerability serves as a stark reminder of the importance of proper JWT validation. JWTs are powerful tools, but they're only as secure as their implementation. Using jwt.decode() without proper verification is like leaving your front door unlocked. Always verify those signatures, folks! It's a critical step in maintaining a secure system.

This highlights a broader trend: developers need to be ever vigilant in securing their applications. The

Original source: cybersecuritynews
