Security Operations

564 readers

13 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 1 year ago

MODERATORS

L3s

Microsoft Account's OAuth tokens leaking via open redirect in Harvest App (eval.blog)

submitted 11 months ago by L4s to c/secops

5 comments fedilink hide all child comments

Microsoft Account's OAuth tokens leaking via open redirect in Harvest App::Reported an OAuth token leak via open redirect in Harvest.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 11 months ago (1 children)

Wow, I thought this was further reporting on their leaks earlier this year. Nono, it's another vulnerability. Microsoft really living up to their reputation...

[–] jlar 2 points 11 months ago (1 children)

From the post: "I apologise for the poor and confusing title used before. I have updated the title but I cannot change it everywhere else. Just to clarify This is not a vulnerability in Microsoft.'

[–] jlar 2 points 11 months ago (1 children)

Not to defend M$ lol. Just in this case it was Harvest with the vuln.

[–] [email protected] 2 points 11 months ago

Ah, thanks for the correction.