'Covert Redirect' OAuth flaw more chest-beat than Heartbleed
Source: The Register UK - Posted by Benjamin D. Thomas   
Hacks/Cracks A recently reported new "vulnerability" in OAuth appears to be anything but. That unkind assessment has come from security specialists after a flaw called "Covert Redirect" made headlines that conflated the flaw with the Heartbleed vulnerability, a major security risk that legitimately sent administrators scrambling to fix their websites. PhD student Wang Jing from Nanyang Technological University reported the flaw Saturday and showed how it allowed attackers to phish users and obtain their tokens.

Read this full article at The Register UK

Only registered users can write comments.
Please login or register.

Powered by AkoComment!