CVE-2024-1920 | osuuu LightPicture up to 1.2.2 TokenVerify.php handle hard-coded key

CVE-2024-1920 | osuuu LightPicture up to 1.2.2 TokenVerify.php handle hard-coded key

A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2.2. This issue affects the function handle of the file /app/middleware/TokenVerify.php. The manipulation leads to use of hard-coded cryptographic key . The identification of this vulnerability is CVE-2024-1920. The attack may be initiated remotely. Furthermore, there is an exploit available.