Tagged articles

File Overwrite

1 articles · Page 1 of 1
Black & White Path
Black & White Path
Jul 8, 2026 · Information Security

How I Earned $23,000 by Exploiting JWT Realm and File Overwrite Vulnerabilities

The article details a step‑by‑step exploitation chain against a site using JWT authentication and an upload endpoint, showing how modifying the JWT realm, removing the Bearer keyword, and abusing Amazon S3/CloudFront default settings enabled arbitrary file overwrite and yielded a total $23,000 bounty.

Authorization HeaderBug BountyCloudFront
0 likes · 7 min read
How I Earned $23,000 by Exploiting JWT Realm and File Overwrite Vulnerabilities