CVE-2015-20110 — JHipster generator-jhipster before 2.23.0 allows a timing attack against validateToken due to a string comparison that stops at the first character that is different. Attackers can guess tokens by bru — CVE Database · The Intelligence Room