Insecure JSON web token (JWT) parsing High

The parse method does not throw an error when it parses an unsigned JSON web token (JWT). This could result in downgrade attacks. Instead, use the parseClaimsJws method.

Detector ID
java/insecure-jwt-parsing@v1.0
Category
Common Weakness Enumeration (CWE) external icon