API Security Blog

Authentication Bypass

pyjwt is vulnerable to authentication bypass. The library permits an attacker who submits a JWT to choose which algorithms are used when signing in, so public key formats that are weak but not on the blocklist are accepted in the authentication process.
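The mitigation for this class of bug is to have the verifier, not the token, decide the algorithm; the sketch below is an added standard-library example, not pyjwt's code, showing an allowlist check that runs before any signature check. The key, tokens and function names are constructed for illustration; in pyjwt the same pinning is done by passing an explicit `algorithms=[...]` list to `jwt.decode`.

```python
import base64, hashlib, hmac, json

# Server-side allowlist: the token header may only pick from this table.
VERIFIERS = {"HS256": hashlib.sha256}  # assumption: the service issues HS256 only

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def make_token(header: dict, claims: dict, key: bytes) -> str:
    """Build constructed sample input (HMAC-SHA256 signature, any header)."""
    parts = [b64url_encode(json.dumps(p, separators=(",", ":")).encode())
             for p in (header, claims)]
    signing_input = ".".join(parts)
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)

def verify(token: str, key: bytes) -> dict:
    """Return the claims, or raise ValueError. The algorithm is pinned here."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        sig = b64url_decode(sig_b64)
    except ValueError as exc:  # bad base64, bad JSON, wrong number of parts
        raise ValueError("malformed token") from exc
    alg = header.get("alg") if isinstance(header, dict) else None
    if not isinstance(alg, str) or alg not in VERIFIERS:
        raise ValueError(f"algorithm {alg!r} is not on the allowlist")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(),
                        VERIFIERS[alg]).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("signature mismatch")
    return json.loads(b64url_decode(payload_b64))

def is_accepted(token: str, key: bytes) -> bool:
    try:
        verify(token, key)
        return True
    except ValueError:
        return False

KEY = b"constructed-demo-key"  # constructed sample value
GOOD = make_token({"alg": "HS256", "typ": "JWT"}, {"sub": "alice"}, KEY)
OTHER_ALG = make_token({"alg": "HS384", "typ": "JWT"}, {"sub": "alice"}, KEY)
_h, _p, _s = GOOD.split(".")
TAMPERED = ".".join([_h, b64url_encode(b'{"sub":"mallory"}'), _s])
```

`OTHER_ALG` carries a signature that would check out under HMAC-SHA256, yet it is rejected because its header names an algorithm the server never agreed to.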
