Here is probably your best bet if it's a design question. If it's a specific
implementation then send it to the company in question first if you think they
have a vulnerability.
________________________________
From: L. Preston Sego III <lpse...@gmail.com>
To: oauth@ietf.org
Sent: Thursday, January 31, 2013 6:01 AM
Subject: [OAUTH-WG] Where / how do we report security risks?
Don't want hackers to try anything on oauth2-using applications...
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
