Posted by Paragon Initiative Enterprises Security Team on Aug 13


Once upon a time, the Auth0 team demonstrated several attacks against JWT
libraries that are still found to this day. You can read about their
research here:

Or for a more fun spin on the issue, you can just check

The two issues that were identified there were alg=none and substituting
HMAC over an…
Read More – Full Disclosure

By |2021-08-13T17:19:05-04:00August 13th, 2021|