Interesting JWT vulnerability. bhavukjain.com/blog/2020/05/…
4
7
2
27
Replying to @JGamblin
This has almost nothing to do with JWTs, or even OpenID Connect for that matter.

May 31, 2020 · 6:06 PM UTC

1
2
Replying to @aaronpk
Yep, I realized that after I posted and made a clarifying post in the thread, which you should have saw?
1
I should have replied to that one. It’s barely a logic bug using JWT. I’m writing up more details in a blog post, will post a link shortly.
1