When a request contains multiple JSON Web Tokens (JWTs), the scanner currently selects the first one it encounters, which can result in a high number of false positives. To address this issue, the current workaround involves manually pre-selecting the JWT that should be scanned.
A potential improvement to this process would be for the scanner to automatically identify the relevant JWT when multiple are detected. This could be achieved by iteratively removing each JWT and observing which removal results in an "Access Denied" response, thereby indicating the correct JWT.
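The removal heuristic described above, written out as an added example; this is illustrative code, not the scanner's own implementation. It assumes the request is represented as a plain dict of header values, that "Access Denied" can be recognised by an HTTP 401/403 status or the phrase in the body, and that `send` is a callable which replays a request and returns `(status, body)`. The JWTs and the mock server are constructed for the example (the tokens are unsigned placeholders, not real credentials). It also handles the two cases where the heuristic cannot decide, namely when no removal is denied (the endpoint needs no token) and when every removal is denied (the server requires all of them), by returning `None` so the caller falls back to manual pre-selection.

```python
import base64
import json
import re
from typing import Callable, Dict, List, Optional, Tuple

# A JWT is three base64url segments separated by dots; the header segment of a
# JSON header always starts with "eyJ" (base64url of '{"').
JWT_RE = re.compile(r"eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*")

DENIAL_STATUSES = {401, 403}

Request = Dict[str, str]
Sender = Callable[[Request], Tuple[int, str]]


def find_jwts(request: Request) -> List[str]:
    """Return each distinct JWT found in any header value, in order of appearance."""
    found: List[str] = []
    for value in request.values():
        for token in JWT_RE.findall(value):
            if token not in found:
                found.append(token)
    return found


def without_token(request: Request, token: str) -> Request:
    """Copy of the request with every occurrence of `token` blanked out."""
    return {name: value.replace(token, "") for name, value in request.items()}


def is_denied(status: int, body: str) -> bool:
    """Treat 401/403, or an 'Access Denied' body, as an authorization failure."""
    return status in DENIAL_STATUSES or "access denied" in body.lower()


def select_relevant_jwt(request: Request, send: Sender) -> Optional[str]:
    """Pick the JWT whose removal alone turns the response into a denial.

    Returns None when the heuristic cannot decide (no removal is denied, or
    more than one is), so the caller can fall back to manual pre-selection.
    """
    tokens = find_jwts(request)
    if len(tokens) == 1:
        return tokens[0]
    culprits = [
        token for token in tokens
        if is_denied(*send(without_token(request, token)))
    ]
    return culprits[0] if len(culprits) == 1 else None


# --- constructed sample data (hypothetical, unsigned tokens) ------------------

def fake_jwt(payload: dict) -> str:
    """Build an unsigned, JWT-shaped string for the demo (not a valid signature)."""
    def b64url(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    header = b64url({"alg": "HS256", "typ": "JWT"})
    return f"{header}.{b64url(payload)}.c2lnbmF0dXJl"


SESSION_JWT = fake_jwt({"sub": "alice", "role": "user"})
TELEMETRY_JWT = fake_jwt({"sub": "client-42", "scope": "telemetry"})

# Constructed request carrying two JWTs: only the Authorization one gates access.
SAMPLE_REQUEST: Request = {
    "Authorization": f"Bearer {SESSION_JWT}",
    "Cookie": f"telemetry={TELEMETRY_JWT}",
}


def mock_send(request: Request) -> Tuple[int, str]:
    """Mock server: authorizes only when the session JWT is still present."""
    if SESSION_JWT in request.get("Authorization", ""):
        return 200, '{"status": "ok"}'
    return 403, "Access Denied"


def strict_send(request: Request) -> Tuple[int, str]:
    """Mock server that requires both tokens, so every removal is denied."""
    if SESSION_JWT in request.get("Authorization", "") and TELEMETRY_JWT in request.get("Cookie", ""):
        return 200, '{"status": "ok"}'
    return 401, "Access Denied"


if __name__ == "__main__":
    print("found:", find_jwts(SAMPLE_REQUEST))
    print("relevant:", select_relevant_jwt(SAMPLE_REQUEST, mock_send) == SESSION_JWT)
    print("undecidable (no auth):", select_relevant_jwt(SAMPLE_REQUEST, lambda r: (200, "ok")))
    print("undecidable (all required):", select_relevant_jwt(SAMPLE_REQUEST, strict_send))
```

Each probe replays the request once per detected token, so the cost is one extra request per JWT; blanking every occurrence of a token (rather than only the first) matters when the same JWT is sent both as a header and as a cookie.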