I am trying to get more information about JWT Authentication in Node.js. I am having trouble finding the vulnerabilities, as I have not yet had a ton of experience with JSON or JavaScript, but a link a friend sent me caught my eye. Of course, I have googled, but it still hasn't clicked in my mind. Why/how is it vulnerable? Example: Say I have credentials to a site that uses JWT Auth and sets the cookie as the JWT. Is there an inherent issue with this? My first guess would be MITM but I'm not sure if that applies.
Again, I am fairly new to this, so any help would be appreciated!
[link] [comments]
from hacking: security in practice https://ift.tt/M7nIQOV
Comments
Post a Comment