JSON Web Token XV: CVE-2022-39227

This exercise covers the exploitation of a polyglot token against python_jwt (CVE-2022-39227).

PRO Hard < 1 Hr. 35
Course

In this exercise, we cover CVE-2022-39227, a vulnerability in python-jwt that allows attackers to forge malicious tokens. By exploiting this vulnerability, an attacker can modify a token to become an admin user.

Topics
JWT
