Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
Freak_NL
65 days ago
|
parent
|
context
|
favorite
| on:
One Token to rule them all – Obtaining Global Admi...
And of course, because the inner JWT is already signed, why bother signing the outer one? Just validate the inner one!
I'm feeling sorry for those poor abused JWTs in this vulnerability.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
I'm feeling sorry for those poor abused JWTs in this vulnerability.