Bug #95

open

Security Issue: JWT Token with Excessive Expiry (Potential Account Takeover Risk) (Web)

Added by Vivek Kumar 2 months ago.

Status: New
Priority: High
Assignee: -
Start date: 04/22/2026
Due date:
% Done: 0%
Estimated time:
Spent time:

Description

The application issues JWT (Bearer) tokens with an excessively long expiration period (~1 year). This increases the risk of prolonged unauthorized access if the token is leaked, intercepted, or exposed.
JWT tokens are meant to be short-lived. A long expiry defeats the purpose of secure session handling and increases the attack window significantly.

Steps to Reproduce
1. Authenticate to the application.
2. Capture the JWT token from the request headers (Authorization: Bearer).
3. Decode the token using any JWT decoder.
4. Observe the exp (expiration) claim.
5. Compare it with iat: the difference is ~1 year.

Proof of Concept
Example exp: 1808332074
Converted expiry: 20 April 2027 (~1 year validity)
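The exp/iat comparison from the steps above, as an added example that is not part of the original report: it decodes the payload of a compact JWT without verifying the signature (a claims audit, not authentication), computes the lifetime as exp - iat, and flags it against a maximum. The 15-minute policy limit, the sample token (built with a dummy signature segment) and the iat value 365 days before the reported exp are assumptions for the demo.

```python
import base64
import json
from datetime import datetime, timezone

# Assumed policy value: an access token should live minutes, not months.
MAX_LIFETIME_SECONDS = 15 * 60


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_claims(token: str) -> dict:
    """Return the payload claims without verifying the signature.
    This is a claims audit, not authentication, so verification is skipped."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three dot-separated segments")
    return json.loads(_b64url_decode(parts[1]))


def check_lifetime(token: str, max_seconds: int = MAX_LIFETIME_SECONDS) -> dict:
    """Compute exp - iat (the comparison in the report) and flag it against policy."""
    claims = decode_claims(token)
    for claim in ("iat", "exp"):
        if claim not in claims:
            raise ValueError(f"missing '{claim}' claim; lifetime cannot be determined")
    lifetime = int(claims["exp"]) - int(claims["iat"])
    expires = datetime.fromtimestamp(int(claims["exp"]), tz=timezone.utc)
    return {
        "lifetime_seconds": lifetime,
        "lifetime_days": lifetime / 86400,
        "expires_utc": expires.isoformat(),
        "excessive": lifetime > max_seconds,
    }


def build_unsigned_token(claims: dict) -> str:
    """Build a constructed sample token; the signature segment is a dummy placeholder."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url_encode(json.dumps(claims).encode())}.dummysig"


# Constructed sample: exp is the value quoted in the report, iat is assumed 365 days earlier.
SAMPLE_TOKEN = build_unsigned_token({"sub": "user-123", "iat": 1776796074, "exp": 1808332074})

if __name__ == "__main__":
    print(check_lifetime(SAMPLE_TOKEN))  # lifetime_days 365.0, excessive True
```

Running the same check against tokens issued after the fix gives a quick regression test that the shortened exp actually ships.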
