Impersonating users by abusing broken “Sign in with” implementations
↳ https://www.ory.sh/sign-in-with-user-impersonation-oauth2-openid-connect
Using OAuth 2.0 or OpenID Connect for federated login is common practice, and many web apps allow you to “Sign in with X”….
from Hack+ https://ift.tt/2rdxajS
via IFTTT
Няма коментари:
Публикуване на коментар