Common Web Application Vulnerabilities – JWTs

We’ve been running across a lot of modern web applications lately that have implemented JSON Web Tokens (also known as JWTs) for session tracking. JWTs are an open, industry standard designed to securely transmit information between two parties as a cryptographically-signed, JSON object. While the JWT specification is designed generically to account for a variety […]