Re: "Covert Redirect" vulnerability in OAuth

I can't find an explanation of the actual vulnerability. The supposed 
explanation is a 403: http://tetraph.com/covert_redirect/


On 5/2/2014 7:59:10 AM, Shane Tomlinson <[email protected]>wrote:
Is our OAuth implementation susceptible?

http://www.cnet.com/uk/news/serious-security-flaw-in-oauth-and-openid-discovered/
_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct

_______________________________________________
Dev-fxacct mailing list
[email protected]
https://mail.mozilla.org/listinfo/dev-fxacct

Re: "Covert Redirect" vulnerability in OAuth

Reply via email to