Loading...

Ready to See Your True Attack Surface?

Join thousands of security teams who trust ZeroVault to discover vulnerabilities before attackers do. Get started with a personalized demo.

The Grav API plugin (getgrav/grav-plugin-api) before 1.0.0-rc.16 accepts JWT access tokens through the ?token= URL query parameter on every API route (JwtAuthenticator::extractBearerToken fallback)