PortSwigger - JWT Authentication Bypass via Unverified Signature
This lab uses a JWT-based mechanism for handling sessions. Due to implementation flaws, the server doesn’t verify the signature of any JWTs that it receives. To solve the lab, modify your sess...