JWT XII


This exercise covers how to use the x5u header to bypass JWT-based authentication.

PRO Hard 1-2 Hrs. 697 Green Badge
Course

This exercise delves into the x5u header in JWT tokens, guiding you to forge a token to become an admin. It highlights the security risks when an application trusts user-provided URLs for certificate verification.

Skills covered: Injection, Authentication, Cryptography, Operating System, Network
Topics: JWT, CWE-310
Included with PRO: full course content, 2 videos
