ajinabraham.njsscan.jwt.jwt_exposed_credentials.jwt_exposed_credentials


A password is exposed through the JWT payload. The payload is not encrypted, so the password could be compromised. Do not store passwords in JWT tokens.



Definition

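# njsscan rule: flags a password being placed in the payload that is signed
# into a JWT with the legacy `jose` `JWT.sign` API. A signed JWT (JWS) payload
# is only base64url-encoded, not encrypted, so anyone who obtains the token
# can read the password back out of it.
rules:
  - id: jwt_exposed_credentials
    # Every variant shares the same prologue: `jose` is loaded with
    # `require("jose")`, `JWT` is destructured from it, and a payload that
    # carries a `password` key (top level or nested one object deep under
    # `$U`) reaches `JWT.sign`. Each route is listed for a declared result
    # (`var $T = JWT.sign(...)`) and for a bare assignment (`$T = JWT.sign(...)`).
    # NOTE(review): only the `require` + `var { JWT }` prologue is spelled out
    # here; whether Semgrep's JavaScript equivalences also make these match
    # `const`/`let` declarations and ES-module `import` is not visible in this
    # rule — confirm against the Semgrep docs before relying on it.
    patterns:
      - pattern-either:
          # --- password literal passed directly to JWT.sign --------------
          # Declared-result form added so this route is listed in both
          # shapes like every other route in this rule.
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $T = JWT.sign({password:...},...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $T = JWT.sign({password:...},...)
          # --- payload object literal built first, then signed -----------
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = {password:...};
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = {password:...};
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = {password:...};
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = {password:...};
              ...
              $T = JWT.sign($P,...)
          # --- password attached to the payload by property assignment ---
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P.password = ...;
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P.password = ...;
              ...
              $T = JWT.sign($P,...)
          # --- payload merged with Object.assign, stored, then signed -----
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = Object.assign(...,{password:...},...)
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = Object.assign(...,{password:...},...)
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = Object.assign(...,{password:...},...)
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = Object.assign(...,{password:...},...)
              ...
              $T = JWT.sign($P,...)
          # --- Object.assign result passed inline to JWT.sign -------------
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $T = JWT.sign(Object.assign(...,{password:...},...),...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $T = JWT.sign(Object.assign(...,{password:...},...),...)
          # --- same routes, with the password nested one level under $U ---
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $T = JWT.sign({$U:{password:...}},...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $T = JWT.sign({$U:{password:...}},...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = {$U:{password:...}};
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = {$U:{password:...}};
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = {$U:{password:...}};
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = {$U:{password:...}};
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P.$U.password = ...;
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P.$U.password = ...;
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = Object.assign(...,{$U:{password:...}},...)
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $P = Object.assign(...,{$U:{password:...}},...)
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = Object.assign(...,{$U:{password:...}},...)
              ...
              var $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $P = Object.assign(...,{$U:{password:...}},...)
              ...
              $T = JWT.sign($P,...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              var $T = JWT.sign(Object.assign(...,{$U:{password:...}},...),...)
          - pattern: |
              $JOSE = require("jose")
              ...
              var { JWT } = $JOSE;
              ...
              $T = JWT.sign(Object.assign(...,{$U:{password:...}},...),...)
    # Storing a credential in a readable token is a direct exposure, hence ERROR.
    severity: ERROR
    languages:
      - javascript
    metadata:
      # CWE-522: Insufficiently Protected Credentials.
      cwe: cwe-522
      owasp-web: a2
      license: LGPL-3.0-or-later
      vulnerability_class:
        - Other
    # Folded scalar: rendered as one line; stray double space removed.
    message: >-
      Password is exposed through JWT token payload. This is not encrypted
      and the password could be compromised. Do not store passwords in JWT
      tokens.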