Critical Vulnerabilities Affect JSON Web Token Libraries for JavaScript and PHP

By HTMLGoodies Staff

JWT is a standard for tokens exchanged between two parties. It allows a server to produce an admin token, expressed in JSON and signed with the server's key, which clients then use to verify that the user is logged in as an admin. Tim McLean, a Canadian security researcher who specializes in cryptography, has unearthed critical vulnerabilities in JWT libraries and points out that attackers could exploit one of them, which abuses an asymmetric signing algorithm present in some JWT libraries.
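The sign-then-verify flow described above, as an added example that is not taken from the article or from any of the affected libraries. It assumes RS256 and Node's built-in `crypto` module; the function names and the key pair are constructed for illustration. The verifier takes the accepted algorithm from server configuration rather than from the token's own header, and also checks that the key it was given is of the matching type.

```javascript
const crypto = require('node:crypto');

const EXPECTED_ALG = 'RS256'; // fixed by server configuration (assumption)
const b64url = (data) => Buffer.from(data).toString('base64url');

// Constructed key pair standing in for the server's signing key.
const { publicKey, privateKey } =
  crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

// Server side: serialize header and claims as JSON, sign with the private key.
function signToken(claims, key) {
  const header = b64url(JSON.stringify({ alg: EXPECTED_ALG, typ: 'JWT' }));
  const payload = b64url(JSON.stringify(claims));
  const sig = crypto.sign('sha256', Buffer.from(`${header}.${payload}`), key);
  return `${header}.${payload}.${b64url(sig)}`;
}

// Verifier: returns the claims object, or null if anything fails to check out.
function verifyToken(token, key) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;

  let parsedHeader;
  try {
    parsedHeader = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
  // The header is untrusted input: it may only confirm the configured
  // algorithm, never select a different one.
  if (parsedHeader?.alg !== EXPECTED_ALG) return null;
  // Bind the key to the algorithm: only an RSA public KeyObject is accepted.
  if (key?.type !== 'public' || key.asymmetricKeyType !== 'rsa') return null;

  const signed = Buffer.from(`${header}.${payload}`);
  if (!crypto.verify('sha256', signed, key, Buffer.from(sig, 'base64url'))) {
    return null;
  }
  try {
    return JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  } catch {
    return null;
  }
}

// Constructed sample claims.
const demoToken = signToken({ sub: 'alice', admin: true }, privateKey);
console.log(verifyToken(demoToken, publicKey));
```
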
