An Example of a Vulnerability in the Early JWT Token Node.js Library
An example of a vulnerability in the early JWT token Node.js library: https://github.com/gluckzhang/ctf-jwt-token
Basic Introduction to JWT Token
According to RFC 7519, a JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.
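To make the JWS structure concrete, the following added example (not code from the linked repository or from any JWT library) builds and checks an HS256 token in compact form using only Node's built-in crypto module. The names signHS256, verifyHS256, SAMPLE_KEY and SAMPLE_TOKEN, as well as the key and claims, are constructed for illustration.

```javascript
// Added example: a JWT as a JWS compact serialization protected with a MAC (HS256).
const { createHmac, timingSafeEqual } = require('node:crypto');

// base64url (no padding) is what makes each token segment URL-safe.
const b64u = (input) => Buffer.from(input).toString('base64url');

// HMAC-SHA256 over the signing input "<header>.<payload>", base64url-encoded.
const macOf = (signingInput, key) =>
  createHmac('sha256', key).update(signingInput).digest('base64url');

// Build "<header>.<payload>.<signature>" from a claims object.
function signHS256(claims, key) {
  const header = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64u(JSON.stringify(claims));
  const signingInput = `${header}.${payload}`;
  return `${signingInput}.${macOf(signingInput, key)}`;
}

// Returns the claims object if the MAC is valid, otherwise null.
function verifyHS256(token, key) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, signature] = parts;
  try {
    const parsed = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
    // The verifier fixes the accepted algorithm; the header is untrusted input.
    if (!parsed || parsed.alg !== 'HS256') return null;
    const expected = Buffer.from(macOf(`${header}.${payload}`, key));
    const given = Buffer.from(signature);
    // Constant-time comparison, done before the claims are parsed or used.
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
      return null;
    }
    return JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  } catch {
    return null; // malformed JSON in header or payload
  }
}

// Constructed sample key and claims, for illustration only.
const SAMPLE_KEY = 'constructed-demo-key';
const SAMPLE_TOKEN = signHS256({ sub: 'alice', admin: false }, SAMPLE_KEY);
```

The payload segment is only encoded, not encrypted: anyone holding the token can read the claims, and the MAC only lets the key holder detect changes to them.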