mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 18:27:17 +00:00
985 B
985 B
CVE-2016-5431
Description
The PHP JOSE Library by Gree Inc. before version 2.2.1 is vulnerable to key confusion/algorithm substitution in the JWS component resulting in bypassing the signature verification via crafted tokens.
POC
Reference
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Nucleware/powershell-jwt
- https://github.com/d3ck9/HTB-Under-Construction
- https://github.com/d7cky/HTB-Under-Construction
- https://github.com/mxcezl/JWT-SecLabs
- https://github.com/phramz/tc2022-jwt101
- https://github.com/vivekghinaiya/JWT_hacking