It has been 15 days since the last alg:none JWT vulnerability.
The HarbourJWT library would accept tokens without a signature with "alg": "none". Or "alg": "NONE". And "alg": "". Or "alg": "bestie-plz".Or "alg": "let me iiiinnnnnnnn".
The HarbourJWT library would accept tokens without a signature with "alg": "none". Or "alg": "NONE". And "alg": "". Or "alg": "bestie-plz".Or "alg": "let me iiiinnnnnnnn".