Tales of pentester part 2
Hello readers! Recently I was on this pentesting engagement and found this vulnerability that I wanted to share.
1. Organization that makes medical software
Finding(s):
JWT tokens stored in LocalStorage leading to compromise of user accounts via API...
epliu_2555.hashnode.dev5 min read