Over the last few months, some implementations of JSON Web Tokens (JWTs) have ultimately led to compromise of the web application. Some scenarios include stealing admin tokens through XSS (detailed in this blog) and forging claims during account registration to create standard accounts with admin privileges.

Bharat Dwarkani shared on Sep 15, 2019
medium.com