Authorization Bypass

jwcrypto is vulnerable to authorization bypass. The vulnerability is due to JWT auto-detecting the token type; under certain circumstances, it’s possible to substitute a signed JWS token with a JWE token encrypted with the public key used for signature validation.Read More

Back to Main

Subscribe for the latest news:
Generated by Feedzy
%d bloggers like this: