dcsimg
 

Security Flaw Discovered in OAuth, OpenID

Friday May 2nd 2014 by Developer.com Staff

This current security threat, deemed the "Covert Redirect" flaw, has made users of many high volume tech sites vulnerable, including those who use Google, Facebook, Microsoft, LinkedIn, any many more.

This current security threat, deemed the "Covert Redirect" flaw, has made users of many high volume tech sites vulnerable, including those who use Google, Facebook, Microsoft, LinkedIn, any many more.

"If a user chooses to authorize the login, personal data (depending on what is being asked for) will be released to the attacker instead of to the legitimate website. This can range from email addresses, birth dates, contact lists and possibly even control of the account. "

View Article

Home
Mobile Site | Full Site