API Security Blog

Authentication Bypass

python-jwt is vulnerable to authentication bypass. An attacker who obtains a JWT can arbitrarily forge its contents without knowing the secret key, and so spoof other users' identities and hijack their sessions. The flaw is in the `verify_jwt` function of `__init__.py`.
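A regression check a defender can run against the verification function that guards their sessions, given here as an added example (it is not python-jwt's code or its fix): a standard-library HS256 verifier that decodes claims only from the exact bytes the signature covers, plus a `rejects_tampering` helper that confirms a token altered after signing is refused. All function names, the key and the sample claims are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
import re

SEGMENT = re.compile(r"[A-Za-z0-9_-]+")  # base64url alphabet, no padding

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(seg: str) -> bytes:
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def sign_hs256(claims: dict, key: bytes) -> str:
    """Issue a compact HS256 token (used here only to build test input)."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url_encode(mac)}"

def verify_hs256(token: str, key: bytes) -> dict:
    """Return claims only if the signature covers the bytes they are decoded from."""
    parts = token.split(".")
    if len(parts) != 3 or not all(SEGMENT.fullmatch(p) for p in parts):
        raise ValueError("not a three-segment compact token")
    header_b64, payload_b64, sig_b64 = parts
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    header = json.loads(b64url_decode(header_b64))
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    return json.loads(b64url_decode(payload_b64))

def rejects_tampering(verify, token: str, key: bytes) -> bool:
    """True if `verify` refuses a token whose claims changed after signing."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    claims = json.loads(b64url_decode(payload_b64))
    claims["sub"] = "someone-else"  # constructed change to the identity claim
    altered = ".".join([header_b64, b64url_encode(json.dumps(claims).encode()), sig_b64])
    try:
        verify(altered, key)
    except Exception:
        return True
    return False
```

To exercise a deployed verifier, wrap its call in a function taking `(token, key)` and pass that wrapper to `rejects_tampering` in place of `verify_hs256`.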
