Authentication Bypass

Circumventing login and session controls — JWT algorithm confusion, type juggling, default credentials, and logic flaws.