A JWT consists of 3 parts: a header, a payload, and a signature. JWT attacks involve a user sending modified JWTs to the server in order to achieve a malicious goal. The data of header & payload can be easily read or modified by anyone with access to the token.
Sort: