JWT Vulnerabilities
What are JWT Vulnerabilities?
Classes of implementation flaws in JSON Web Token validation that allow attackers to forge tokens, escalate privileges, or bypass authentication.
JSON Web Tokens are widely used for authentication and API authorization, but the format's flexible signing options, selected by the token's own header, have produced several recurring vulnerability classes. The classic alg=none bug occurs when a verifier honours an "alg":"none" header and accepts a token whose signature segment is empty. Weak HS256 secrets can be cracked offline from a single captured token, after which the attacker can mint arbitrary tokens. Key confusion (also called algorithm confusion) happens when a server that expects RS256 passes its RSA public key to a verify routine that trusts the header's alg: the attacker sets alg to HS256 and signs with the public key bytes, which the verifier then uses as the HMAC secret. Other issues include missing or optional signature verification, accepting tokens whose exp has passed, kid header injection (path traversal or SQL injection when kid is used to look up the key), and embedded jwk/jku headers that let the token supply, or point to, its own verification key. Mitigations: pin the accepted algorithm and key type server-side instead of reading them from the token, use strong keys (a random HS256 secret of at least 256 bits, or asymmetric keys), resolve kid only against an allowlist of known keys, ignore jwk and restrict jku to a trusted URL allowlist, always enforce exp, and treat every JWT header and claim as untrusted input until the signature has been verified.
● Examples
- 01
{"alg":"none"} header accepted by a misconfigured library, so a token with an empty signature segment (header.payload.) passes verification with any payload the attacker chooses.
- 02
Server that expects RS256 hands its RSA public key to a verify call that trusts the token's alg header; the attacker re-signs the token as HS256 using the public key bytes as the HMAC secret, and it validates.
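The following is an added, self-contained Python example (not code from the original page) that reproduces the definition and both examples above with a hand-rolled HS256 verifier, so no third-party JWT library is needed. verify_naive lets the token's header choose the algorithm and so accepts an alg=none forgery and an HS256 token keyed with the server's public key; verify_strict pins the algorithm, resolves kid only through an allowlist, and enforces exp; crack_hs256 shows the offline dictionary attack on a weak secret. The PEM string, the secret "secret123", the key id "k1" and the timestamp are constructed placeholders, and only HMAC verification is implemented (an RS256 server would have an RSA branch where the comment notes it).

```python
import base64
import hashlib
import hmac
import json
import time

# --- minimal JWT plumbing (HS256 only; standard library only) ---

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def encode_part(obj: dict) -> str:
    return b64url(json.dumps(obj, separators=(",", ":")).encode())

def sign_hs256(header: dict, payload: dict, key: bytes) -> str:
    signing_input = f"{encode_part(header)}.{encode_part(payload)}"
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{b64url(mac)}"

def forge_alg_none(payload: dict) -> str:
    # an "alg":"none" token carries an empty third (signature) segment
    return f"{encode_part({'alg': 'none', 'typ': 'JWT'})}.{encode_part(payload)}."

def hmac_matches(key: bytes, h: str, p: str, s: str) -> bool:
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, unb64url(s))

# --- vulnerable verifier: the token's own header decides how it is checked ---

def verify_naive(token: str, key: bytes):
    h, p, s = token.split(".")
    header = json.loads(unb64url(h))
    alg = header.get("alg")
    if alg == "none":                    # bug 1: unsigned token accepted
        return json.loads(unb64url(p))
    if alg == "HS256":                   # bug 2: whatever `key` holds (even an RSA
        if hmac_matches(key, h, p, s):   # public key PEM) is used as the HMAC secret
            return json.loads(unb64url(p))
    # a real RS256 server would have an RSA branch here; omitted in this example
    return None                          # bug 3: exp is never checked

# --- hardened verifier: algorithm, key and lifetime come from server policy ---

def verify_strict(token: str, keys: dict, expected_alg: str, now=None):
    parts = token.split(".")
    if len(parts) != 3:
        return None
    h, p, s = parts
    header = json.loads(unb64url(h))
    if header.get("alg") != expected_alg:   # pinned alg: defeats alg=none and key confusion
        return None
    if expected_alg != "HS256":
        raise NotImplementedError("only HS256 verification is implemented in this example")
    key = keys.get(header.get("kid"))       # allowlist lookup; kid never reaches FS or SQL
    if key is None or not hmac_matches(key, h, p, s):
        return None
    payload = json.loads(unb64url(p))
    now = time.time() if now is None else now
    if not isinstance(payload.get("exp"), (int, float)) or payload["exp"] <= now:
        return None                         # missing or past exp is rejected
    return payload

# --- offline attack on a weak HS256 secret ---

def crack_hs256(token: str, wordlist):
    h, p, s = token.split(".")
    for candidate in wordlist:
        if hmac_matches(candidate.encode(), h, p, s):
            return candidate
    return None

# --- constructed demo data: placeholder secret, placeholder PEM, fixed clock ---
WEAK_SECRET = b"secret123"
PUBLIC_KEY_PEM = b"-----BEGIN PUBLIC KEY-----\nCONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY\n-----END PUBLIC KEY-----\n"
SERVER_KEYS = {"k1": WEAK_SECRET}
NOW = 1_700_000_000

# 1. alg=none forgery
none_token = forge_alg_none({"sub": "attacker", "role": "admin"})
# 2. key confusion: attacker HMACs with the server's *public* key bytes
confused_token = sign_hs256({"alg": "HS256", "typ": "JWT"},
                            {"sub": "attacker", "role": "admin"}, PUBLIC_KEY_PEM)
# 3. legitimate token whose weak secret appears in a small wordlist
legit_token = sign_hs256({"alg": "HS256", "typ": "JWT", "kid": "k1"},
                         {"sub": "alice", "exp": NOW + 600}, WEAK_SECRET)

if __name__ == "__main__":
    print("naive accepts alg=none:", verify_naive(none_token, WEAK_SECRET))
    print("strict accepts alg=none:", verify_strict(none_token, SERVER_KEYS, "HS256", NOW))
    print("naive RS256 server accepts HS256 w/ public key:", verify_naive(confused_token, PUBLIC_KEY_PEM))
    print("strict RS256 server accepts it:", verify_strict(confused_token, {"k1": PUBLIC_KEY_PEM}, "RS256", NOW))
    print("cracked secret:", crack_hs256(legit_token, ["password", "changeme", "secret123"]))
```

The decisive difference is where the algorithm comes from: verify_strict compares the header's alg against a value the server configured and returns before touching any key material, so neither the empty signature nor the public-key HMAC is ever evaluated. Most mature JWT libraries expose the same control as an "algorithms" or "expected algorithm" parameter on their verify call; leaving it unset is what turns the library into verify_naive.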
● Frequently asked questions
What are JWT Vulnerabilities?
Classes of implementation flaws in JSON Web Token validation that allow attackers to forge tokens, escalate privileges, or bypass authentication. It belongs to the Application Security category of cybersecurity.
What do JWT Vulnerabilities mean?
Classes of implementation flaws in JSON Web Token validation that allow attackers to forge tokens, escalate privileges, or bypass authentication.
How do JWT Vulnerabilities work?
See the full definition above. In short: a verifier that lets the token's header choose the algorithm accepts alg=none or HS256 tokens keyed with the server's public key (key confusion); weak HS256 secrets are cracked offline from one captured token; and verifiers that skip signature checks, ignore exp, or use kid, jwk or jku from the token to locate the key can be driven to accept attacker-controlled tokens.
How do you defend against JWT Vulnerabilities?
Pin the accepted algorithm and key type in server configuration instead of trusting the token's alg header, use strong keys (a random HS256 secret of at least 256 bits, or asymmetric keys), resolve kid only against an allowlist of known keys, ignore jwk and restrict jku to a trusted URL allowlist, enforce exp on every request, and treat JWT headers and claims as untrusted input until the signature is verified. Prefer a library whose verify call requires the caller to state the expected algorithm, and test the verifier with alg=none tokens and HS256 tokens signed with the server's own public key.
● Related terms
- identity-access№ 574
JWT (JSON Web Token)
Compact, URL-safe token format (RFC 7519) that carries signed JSON claims, widely used as access tokens, ID tokens, and session containers.
- identity-access№ 088
Bearer Token
An opaque or structured credential (RFC 6750) granting access to a resource simply by possession, without proof that the holder is the rightful owner.
- identity-access№ 007
Access Token
Short-lived credential issued by an authorization server that a client presents to an API to access protected resources on a user's or service's behalf.
- appsec№ 052
API Security
The discipline of designing, building and operating application programming interfaces so that authentication, authorization, data exposure and abuse-resistance hold up under attack.
- identity-access№ 076
Authentication
The process of verifying that an entity — user, device or service — really is who or what it claims to be before granting access.
- compliance№ 781
OWASP Top 10
An OWASP awareness document that lists the most critical security risks to web applications, updated periodically from real-world vulnerability data.