JWT Attack Lab — Part 8: Algorithm Confusion, and a Bug the Attack Uncovered By Accident
Part 8, the final stage in a series building a Flask API with JWT authentication, then deliberately exploiting six real vulnerabilities in it.
Part 7 closed a gap in expiry enforcement. This last stag