Update Messages.properties

preetkaran20 · web-flow · commit aebefc645078 · 2020-11-07T17:48:16.000+05:30
diff --git a/src/main/resources/org/zaproxy/zap/extension/jwt/resources/Messages.properties b/src/main/resources/org/zaproxy/zap/extension/jwt/resources/Messages.properties
@@ -85,7 +85,7 @@ jwt.scanner.server.vulnerability.signatureAttack.jwkCustomKey.refs=https://nvd.n
 jwt.scanner.server.vulnerability.signatureAttack.jwkCustomKey.soln=Validating Library should not depend on user provided input
 
 jwt.scanner.server.vulnerability.signatureAttack.publiclyKnownSecrets.name=Publicly Well Known HMac Secret Attack
-jwt.scanner.server.vulnerability.signatureAttack.publiclyKnownSecrets.desc=JWT tokens signed using HMac algorithm requires secret key and there are publicly well known secret keys which should not be used for signing the JWT token as it can cause various attacks like identity theft, user impersonation etc. 
+jwt.scanner.server.vulnerability.signatureAttack.publiclyKnownSecrets.desc=JSON web tokens signed using HMac algorithm requires secret key and there are publicly well known secret keys which should not be used for signing the JSON web token as it can cause various attacks like identity theft, user impersonation etc. 
 jwt.scanner.server.vulnerability.signatureAttack.publiclyKnownSecrets.refs=https://lab.wallarm.com/340-weak-jwt-secrets-you-should-check-in-your-code
 jwt.scanner.server.vulnerability.signatureAttack.publiclyKnownSecrets.soln=Secret keys used for signing should not be publicly well known or easy to guess. 
 
