
Episode 27: Top 7 Esoteric Web Vulnerabilities
Critical Thinking - Bug Bounty Podcast
The Pitfalls of Self-Authentication in JWT Tokens
Roxanne Jones: I think it's really interesting because this is something that we talk about in app app a lot, where it's like validation versus verification. And you're not actually checking who signed it or is the key correct. Like, if you're not doing those checks, then that's where these little, like, weird, weird edge cases can happen. She says she doesn't see any problems on the JWT front but thinks other technologies have their own pitfalls.