Weak JWT encryption detected

Description

Use one of the default encryption algorithms that the JWT library provides.

Remediations

Use the HS256 algorithm for JWT encryption

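  // Assumption: the jsonwebtoken package, whose sign(payload, secret, options) call this matches
  const jwt = require("jsonwebtoken");
  // State the algorithm explicitly when signing
  const token = jwt.sign({ foo: "bar" }, process.env.JWT_SECRET, {
    algorithm: "HS256"
  });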
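
The remediation above covers the signing side. The added example below (not Bearer's code and not the JWT library's API) shows what HS256 does on both sides using only Node's built-in crypto module, and goes one step further than the page by having the verifier accept HS256 only, whatever algorithm the token header names. The helper names signHS256 and verifyHS256, the secret and the sample tokens are all constructed for illustration.

```javascript
// Added example: HS256 signing and verification with Node's built-in crypto.
// signHS256 / verifyHS256 are hypothetical helper names, not a library API.
const nodeCrypto = require("crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");

function hmac(signingInput, secret) {
  return nodeCrypto.createHmac("sha256", secret).update(signingInput).digest();
}

function signHS256(payload, secret) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  const sig = hmac(`${header}.${body}`, secret).toString("base64url");
  return `${header}.${body}.${sig}`;
}

// Returns the payload, or throws if the token is not a valid HS256 token.
function verifyHS256(token, secret) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [header, body, sig] = parts;

  let alg;
  try {
    alg = JSON.parse(Buffer.from(header, "base64url").toString("utf8")).alg;
  } catch {
    throw new Error("malformed header");
  }
  // Pin the algorithm: the verifier decides, not the token header.
  if (alg !== "HS256") throw new Error(`algorithm not allowed: ${alg}`);

  const expected = hmac(`${header}.${body}`, secret);
  const given = Buffer.from(sig, "base64url");
  // Constant-time comparison; lengths must match before timingSafeEqual.
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    throw new Error("invalid signature");
  }
  return JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
}

// Constructed sample inputs.
const secret = "constructed-demo-secret"; // real code: process.env.JWT_SECRET
const good = signHS256({ foo: "bar" }, secret);
const unsigned = `${b64url('{"alg":"none"}')}.${b64url('{"foo":"bar"}')}.`;
```

With the jsonwebtoken package, the same pinning is done by passing algorithms: ["HS256"] in the options of jwt.verify.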

Resources

Associated CWE

OWASP Top 10
