CVE-2021-40494
pypi/lxdui
Use of Hard-coded Credentials
A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI allows attackers to gain admin access to the host system.
All versions up to 2.1.3
Unfortunately, there is no solution available yet.
2021-09-16
source |