Site icon API Security Blog

Authentication Bypass

firebase/php-jwt is vulnerable to Authentication Bypass. The vulnerability is due to missing algorithm checks when calling the decode method allowing attackers bypass verification when using asymmetric keys (RS256, RS384, RS512, ES256, ES384, ES512) when there is no algorithm specified within theā€¦Read More

Exit mobile version