Java : Missing verification step of JWT-token
Classification
- OWASP Top 10 2013
- OWASP Top 10 2017
- OWASP Top 10 2021
- OWASP MASVS
- HIPAA
Overview
The application uses a JWT without verifying it first. This can lead to token tampering, data leakage and unpredictable application behavior.
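The missing step beside its corrected form, as an added example that is not code from this database entry or from DerScanner. It uses only the JDK and assumes HS256-signed tokens; the class name, method names, key and tokens are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class JwtVerifyDemo {
    static final Base64.Decoder DEC = Base64.getUrlDecoder();
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();

    // Missing verification step: the payload is decoded and trusted as-is.
    static String claimsUnverified(String token) {
        return new String(DEC.decode(token.split("\\.")[1]), StandardCharsets.UTF_8);
    }

    // Corrected: recompute HMAC-SHA256 over "header.payload" and compare in constant time.
    // The algorithm is fixed in code and never read from the token header.
    static String claimsVerified(String token, byte[] key) throws Exception {
        String[] p = token.split("\\.", -1);
        if (p.length != 3) throw new SecurityException("malformed token");
        byte[] expected = hmac(p[0] + "." + p[1], key);
        if (!MessageDigest.isEqual(expected, DEC.decode(p[2])))
            throw new SecurityException("bad signature");
        return new String(DEC.decode(p[1]), StandardCharsets.UTF_8);
    }

    static byte[] hmac(String data, byte[] key) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.US_ASCII));
    }

    static String b64(String s) { return ENC.encodeToString(s.getBytes(StandardCharsets.UTF_8)); }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key-not-for-production".getBytes(StandardCharsets.UTF_8);
        String head = b64("{\"alg\":\"HS256\",\"typ\":\"JWT\"}");
        String body = b64("{\"sub\":\"alice\",\"role\":\"user\"}");
        String good = head + "." + body + "." + ENC.encodeToString(hmac(head + "." + body, key));
        // Constructed tampered token: payload edited, original signature kept.
        String bad = head + "." + b64("{\"sub\":\"alice\",\"role\":\"admin\"}") + "." + good.split("\\.")[2];

        System.out.println("unverified accepts: " + claimsUnverified(bad));
        System.out.println("verified accepts:   " + claimsVerified(good, key));
        try { claimsVerified(bad, key); }
        catch (SecurityException e) { System.out.println("verified rejects: " + e.getMessage()); }
    }
}
```

The example checks only the signature; a maintained JWT library would normally also validate claims such as expiry and audience.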
References
- Hacking JSON Web Tokens (JWTs) - The Startup
- JSON Web Token for Java - OWASP Cheat Sheet Series
- OWASP Top 10 2017-A3-Sensitive Data Exposure
- OWASP Top 10 2013-A6-Sensitive Data Exposure
- CWE-325: Missing Required Cryptographic Step
- CWE CATEGORY: OWASP Top Ten 2017 Category A6 - Security Misconfiguration
DerScanner Severity Score: CRITICAL
