Portofino 5.0.0-5.2.0 - Improper Verification of Cryptographic Signature in JWT
Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.