Site icon API Security Blog

Authentication Bypass

Victor Test

image
fast-jwt is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the iss claim, allowing an array of strings as a valid issuer, which can be exploited for JWT forgery and authentication bypass…Read More

Exit mobile version