| ID | Title | Tags | Program | Author | Type | Publication date | Added date |
|---|---|---|---|---|---|---|---|
| 4932 | JWT Refresh Token Manipulation | JWT, Authentication bypass, Account takeover | NA | Mikail Tunç (@emtunc) | Bug Bounty | 2017-11-16 | 2023-06-13 |
| 4505 | IDOR in JWT and the shortest token you will ever see {}.{“uid”: “1234567890”} | IDOR | NA | Plenum (@plenumlab) | Bug Bounty | 2018-10-30 | 2023-06-13 |
| 4335 | Hijacking accounts by retrieving JWT tokens via unvalidated redirects | Open redirect, Token leak | NA | Shawar Khan (@ShawarkOFFICIAL) | Bug Bounty | 2019-01-27 | 2023-06-13 |
| 3537 | DOM based open redirect to the leak of a JWT token | Open redirect, DOM-based open redirect, Token leak | NA | Adolphoramirez | Bug Bounty | 2020-04-20 | 2023-06-13 |
| 3499 | A tale of verbose error message and a JWT token | Information disclosure, Authorization flaw | NA | Marek Geleta (@marek_geleta) | Bug Bounty | 2020-05-05 | 2023-06-13 |
| 3313 | A tale of critical account take over | Account takeover, Exposed JWT generation endpoint, JWT | NA | Shivam Pandey (@shivam31200) | Bug Bounty | 2020-07-10 | 2023-06-13 |
| 3240 | Exploiting JWT - Lack of Signature Verification | Account takeover | NA | Aditya Dixit (@zombie007o) | Bug Bounty | 2020-08-06 | 2023-06-13 |
| 3132 | Chains on Chains: Chaining multiple low-level vulns into a Critical. | Blind XSS, CSP bypass, Lack of rate limiting, Exposed JWT generation endpoint, JWT | NA | Daniel Marte (@Masonhck3571) | Bug Bounty | 2020-09-26 | 2023-06-13 |
| 3131 | 5 Ways to do Account Takeover in a Single Website | Account takeover, Lack of rate limiting, OTP bypass, IDOR, OAuth, JWT | NA | letmeslidein (@VasuYadaav) | Bug Bounty | 2020-09-27 | 2023-06-13 |
| 3101 | Unauthorized access to all the user’s account. | Account takeover, Authentication bypass, JWT | NA | Rahul Naidu | Bug Bounty | 2020-10-12 | 2023-06-13 |
| 3090 | Multiple Address Bar Spoofing Vulnerabilities In Mobile Browsers | Authentication bypass, JWT, Android | NHS COVID-19 App | James Sanderson (@zofrex) | Bug Bounty | 2020-10-20 | 2023-06-13 |
| 2926 | Each and every request make sense… | Privilege escalation, Exposed JWT generation endpoint, JWT | NA | Akshar Tank | Bug Bounty | 2021-01-05 | 2023-06-13 |
| 2250 | Eye for an eye: Unusual single click JWT token takeover | Open redirect, JWT, Account takeover | JetBrains | Yurii Sanin (@SaninYurii) | Bug Bounty | 2021-09-05 | 2023-06-13 |
| 2103 | HacktoberFest2k21 vulnerability: How users metadata can be changed via Auth JWT tokens leaking from waybackurls | IDOR | DigitalOcean | Anurag__Verma | Bug Bounty | 2021-11-04 | 2023-06-13 |
| 1911 | Stealing administrative JWT's through post auth SSRF (CVE-2021-22056) | SSRF, CSRF | VMware | Shubham Shah (@infosec_au) | Bug Bounty | 2022-01-17 | 2023-06-13 |
| 1885 | Stealing administrative JWT's through post auth SSRF (CVE-2021-22056) | Windows Driver hacking, Kernel DoS | VMware | Christopher (@Kharosx0) | Bug Bounty | 2022-01-27 | 2023-06-13 |
| 1761 | The Bad Twin: a peculiar case of JWT exploitation scenario | Account takeover | NA | Sandh0t (@sandh0t) | Bug Bounty | 2022-03-07 | 2023-06-13 |
| 1445 | Hacking into the worldwide Jacuzzi SmartTub network | SPA, Android, JWT, Privilege escalation, Mass assignment | Jacuzzi Group, SmartTub | Eaton Z. (@XeEaton) | Bug Bounty | 2022-06-20 | 2023-06-13 |
| 1174 | ASP.NET Boilerplate Multiple Vulnerabilities | Authentication flaw, Hardcoded credentials, JWT, Padding oracle attack, Cryptographic issues | Volosoft (ASP.NET Boilerplate) | Sana Oshika (@bigshika) | Bug Bounty | 2022-08-26 | 2023-06-13 |
| 1023 | Exploits Explained: 5 Unusual Authentication Bypass Techniques | Authentication bypass, JWT, CMS, SSO | NA | Ozgur Alp (@ozgur_bbh) | Bug Bounty | 2022-09-28 | 2023-06-13 |
| 930 | 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite | JWT, Authentication bypass, Arbitrary file write, Unrestricted file upload | NA | Souhaib Naceri (@h4x0r_dz) | Bug Bounty | 2022-10-19 | 2023-06-13 |
| 831 | SSD Advisory – Cisco Secure Manager Appliance jwt_api_impl Hardcoded JWT Secret Elevation of Privilege | Hardcoded credentials, Security code review, JWT, Privilege escalation | Cisco | - | Bug Bounty | 2022-11-14 | 2023-06-13 |
| 548 | Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI | RCE, Authentication bypass, Security code review, JWT | Yellowfin BI | Maxwell Garrett (@TheGrandPew) | Bug Bounty | 2023-01-24 | 2023-06-13 |
| 499 | Authentication Bypass in Izanami Docker image 1.10.22 CVE-2023-22495 | Authentication bypass, JWT, Security code review, Container security | Izanami | Raphaël Lob | Bug Bounty | 2023-02-03 | 2023-06-13 |
| 458 | Hacking our way into internal DBs with hardcoded authentication keys | JWT, SSO, Authentication bypass, Security misconfiguration | NA | Ophion Security (@OphionSecurity) | Bug Bounty | 2023-02-13 | 2023-06-13 |