# JWT jku / jwk header injection

**TL;DR:** Header points at attacker-controlled JWKS — verifier fetches and trusts an attacker-supplied public key.

*Stub — to be filled in.*

## What it is

TODO

## Preconditions / where it applies

TODO

## Technique

TODO

## Detection and defence

TODO

## References

- https://portswigger.net/web-security/jwt#injecting-self-signed-jwts-via-the-jku-parameter
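The defensive counterpart to the TL;DR, as an added example that is not part of this page: a verifier whose key material comes only from server-side configuration, so a `jku`, `jwk`, `x5u` or `x5c` header in the token can never steer key selection. It uses HS256 via the standard library so it runs with no third-party packages; the key-lookup policy it demonstrates is the same one a production RS256/ES256 verifier would sit behind. It goes slightly beyond the TL;DR by also pinning `alg` to the configured key and showing an exact-match allowlist for deployments that must accept a `jku`. All key ids, secrets and URLs are constructed for the demo.

```python
"""Hardened JWT key selection: key material is chosen by the verifier, never by the token.

Added example, not code from the page or from PortSwigger. HS256 (stdlib hmac) stands
in for the asymmetric case so the block runs offline; the lookup policy is identical.
All kids, secrets and URLs below are constructed for illustration.
"""
import base64
import hashlib
import hmac
import json

# Header parameters that let a token tell the verifier where its key lives.
KEY_LOCATION_HEADERS = ("jku", "jwk", "x5u", "x5c")

# Trusted key set loaded from server-side configuration (constructed sample).
TRUSTED_KEYS = {
    "2024-signing-key": {"alg": "HS256", "k": b"constructed-demo-secret-not-for-production"},
}

# If a deployment must honour jku, the URL is compared exactly against this allowlist
# and fetched by the verifier's own client; a prefix or substring match is not enough.
TRUSTED_JKU_URLS = frozenset({"https://auth.example.invalid/.well-known/jwks.json"})


def b64url_decode(data: str) -> bytes:
    return base64.urlsafe_b64decode(data + "=" * (-len(data) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def select_key(header: dict) -> dict:
    """Pick the verification key from local config, by kid only."""
    for name in KEY_LOCATION_HEADERS:
        if name in header:
            raise ValueError(f"rejected: token carries key-location header {name!r}")
    kid = header.get("kid")
    if not isinstance(kid, str) or kid not in TRUSTED_KEYS:
        raise ValueError("rejected: unknown or missing kid")
    key = TRUSTED_KEYS[kid]
    # The algorithm is a property of the configured key, not of the token.
    if header.get("alg") != key["alg"]:
        raise ValueError("rejected: alg does not match the pinned key's alg")
    return key


def verify(token: str) -> dict:
    """Return the payload if the signature is valid under a pinned key; raise otherwise."""
    try:
        h_b64, p_b64, s_b64 = token.split(".")
    except ValueError:
        raise ValueError("rejected: malformed token") from None
    header = json.loads(b64url_decode(h_b64))
    key = select_key(header)  # rejects before any signature work is done
    expected = hmac.new(key["k"], f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s_b64)):
        raise ValueError("rejected: bad signature")
    return json.loads(b64url_decode(p_b64))


def check(token: str) -> str:
    """Return 'ok' or the rejection reason; convenience wrapper for the demo."""
    try:
        verify(token)
        return "ok"
    except ValueError as exc:
        return str(exc)


def jku_is_trusted(url: str) -> bool:
    """Exact-match allowlist for a jku URL; never startswith()/substring matching."""
    return url in TRUSTED_JKU_URLS


def sign(header: dict, payload: dict, secret: bytes) -> str:
    """Mint an HS256 token for the demo (constructed helper, not a production signer)."""
    h_b64 = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p_b64 = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    return f"{h_b64}.{p_b64}.{b64url_encode(sig)}"


if __name__ == "__main__":
    secret = TRUSTED_KEYS["2024-signing-key"]["k"]
    good = sign({"alg": "HS256", "typ": "JWT", "kid": "2024-signing-key"}, {"sub": "alice"}, secret)
    steered = sign({"alg": "HS256", "kid": "2024-signing-key",
                    "jku": "https://untrusted.example.invalid/jwks.json"}, {"sub": "alice"}, secret)
    print("pinned key:", check(good))
    print("jku header:", check(steered))
```

The order of checks matters: `select_key` runs before any signature arithmetic, so a token carrying a key-location header is rejected without the verifier ever resolving what that location would serve. Swapping the HS256 branch for an RS256/ES256 verifier changes only the last lines of `verify`; the lookup policy stays the same.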