by HalcyonCowboy
320 days ago
Brilliant write-up, glad you made the effort. Trying to understand better where the JWT vulnerability was here, you said:
"So you could log in with my username and password, grab the JWT, and then send that along with your request." Am I understanding here that you weren't validating the sub/userId or role in the JWT? I.e. any user with a valid JWT could hit the admin API endpoints? Or did I misunderstand that?
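The two authorization patterns the comment contrasts, as an added example that is not code from the original write-up or from the commenter: a signature-only check that lets any authenticated user reach an admin route, beside one that also checks the role claim. It assumes HS256 with a shared secret and the claim names `sub` and `role`; the secret and the tokens are constructed for the demo, and nothing here describes the actual bug in the post.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Constructed for the demo; a real deployment loads this from a secret store.
SECRET = b"example-shared-secret-for-the-demo"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def mint_jwt(claims: dict, secret: bytes = SECRET) -> str:
    """Build an HS256 JWT the way a login endpoint would after checking a password."""
    header = {"alg": "HS256", "typ": "JWT"}
    compact = lambda obj: json.dumps(obj, separators=(",", ":")).encode()
    signing_input = f"{_b64url(compact(header))}.{_b64url(compact(claims))}"
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_jwt(token: str, secret: bytes = SECRET) -> Optional[dict]:
    """Return the claims if the signature is valid and the token is unexpired, else None.

    Pins the algorithm to HS256 so an attacker-supplied header (e.g. alg=none)
    cannot change how the signature is checked.
    """
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
    except (ValueError, json.JSONDecodeError):
        return None
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        return None
    claims = json.loads(_b64url_decode(p))
    if "exp" in claims and claims["exp"] < time.time():
        return None
    return claims


def admin_allowed_signature_only(token: str) -> bool:
    """The pattern the comment asks about: any valid JWT reaches the admin API.

    Authentication is checked, authorization is not, so an ordinary user's
    own legitimately issued token is enough.
    """
    return verify_jwt(token) is not None


def admin_allowed_with_role_check(token: str) -> bool:
    """Signature AND role claim: a valid token for a non-admin is refused."""
    claims = verify_jwt(token)
    return claims is not None and claims.get("role") == "admin"


def tamper_role(token: str, new_role: str) -> str:
    """Rewrite the payload's role without re-signing, as an attacker without the secret would."""
    h, p, s = token.split(".")
    claims = json.loads(_b64url_decode(p))
    claims["role"] = new_role
    forged_payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    return f"{h}.{forged_payload}.{s}"
```

Both checks accept the admin's token; only the role-aware one refuses a regular user's token, and both refuse a token whose role was edited without the secret, because the signature no longer matches.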