Comment by Freak_NL
1 month ago
And of course, because the inner JWT is already signed, why bother signing the outer one? Just validate the inner one!
I'm feeling sorry for those poor abused JWTs in this vulnerability.
1 month ago
And of course, because the inner JWT is already signed, why bother signing the outer one? Just validate the inner one!
I'm feeling sorry for those poor abused JWTs in this vulnerability.
No comments yet
Contribute on Hacker News ↗