Security Operations

569 readers

13 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 1 year ago

MODERATORS

L3s

Microsoft Account's OAuth tokens leaking via open redirect in Harvest App (eval.blog)

submitted 1 year ago by L4s to c/secops

5 comments fedilink hide all child comments

Microsoft Account's OAuth tokens leaking via open redirect in Harvest App::Reported an OAuth token leak via open redirect in Harvest.

you are viewing a single comment's thread
view the rest of the comments

[–] jlar 2 points 1 year ago (1 children)

From the post: "I apologise for the poor and confusing title used before. I have updated the title but I cannot change it everywhere else. Just to clarify This is not a vulnerability in Microsoft.'

[–] jlar 2 points 1 year ago (1 children)

Not to defend M$ lol. Just in this case it was Harvest with the vuln.

[–] [email protected] 2 points 1 year ago

Ah, thanks for the correction.