Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)
JsonWebToken is an open source JavaScript package that allows you to verify/sign JWTs, which are mainly used for authorization and authentication purposes. ... By exploiting this vulnerability, attackers could achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON web token (JWT) request. CVEs: CVE-2022-23529 [View Article](https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/)