From c3f9158eab9021068b800510cf969a8552b86965 Mon Sep 17 00:00:00 2001 From: Nanne Baars Date: Mon, 31 Mar 2025 21:38:33 +0200 Subject: [PATCH] chore: text cleanup --- .../lessons/jwt/documentation/JWT_claim_misuse_jku.adoc | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/main/resources/lessons/jwt/documentation/JWT_claim_misuse_jku.adoc b/src/main/resources/lessons/jwt/documentation/JWT_claim_misuse_jku.adoc index 798777b0d..597bfeb0a 100644 --- a/src/main/resources/lessons/jwt/documentation/JWT_claim_misuse_jku.adoc +++ b/src/main/resources/lessons/jwt/documentation/JWT_claim_misuse_jku.adoc @@ -16,9 +16,9 @@ An example JKU would look like this: } ---- -=== Vulnerability +=== Vulnerability: JWT claim misuse with JKU -JWT claim misuse with JKU The vulnerability arises when a JWT is signed with a weak or predictable key and the server provides a JKU that points to an external location hosting the public key. +The vulnerability arises when a JWT is signed with a weak or predictable key and the server provides a JKU that points to an external location hosting the public key. Attackers can exploit this vulnerability by crafting a JWT with malicious claims and using the `jku` to trick the server into verifying the JWT using a weak or manipulated key. It all depends on the library being used inside the application. @@ -39,6 +39,7 @@ However, filtering on URLs is quite challenging to implement, and this can be by - **Successful attack**: If the server uses the weak or manipulated key to verify the JWT, the attacker gains unauthorized access or executes their intended exploit. + === Mitigation To prevent JWT claim misuse with JKU, developers and security professionals should follow these best practices:
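Review bot: In the first hunk, the sentence kept under the renamed heading still says "the server provides a JKU that points to an external location", which does not match the next line, where the attacker uses the `jku` to trick the server. The `jku` is a header of the token itself, so consider rewording to say that the server trusts the `jku` URL carried in the JWT header and fetches the verification key from it. Since the title changes from `=== Vulnerability`, also check that nothing links to the section by its old title.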
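Review bot: In the second hunk, the only change is an empty line added before `=== Mitigation`, apparently right after the blank line that already follows the `Successful attack` bullet. One blank line is enough to close the list before a section title in AsciiDoc, so unless the extra spacing is intentional, drop it to keep this cleanup commit minimal.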