

Serious security flaw in OAuth, OpenID discovered - denzil_correa
http://www.cnet.com/news/serious-security-flaw-in-oauth-and-openid-discovered/

======
daveslash
via an answer on stack Stack Exchange (link below)

"This isn't a vulnerability of/in OAuth 2.0 at all. The issue has been wildly
overblown and misstated by CNET and the original finder.

Here it is in a nutshell: If your web site (example.com) implements an open
redirect endpoint - that is, implements a URL that will redirect the browser
to any URL given in the URL parameters - AND your redirect copies URL
parameters from the incoming URL to the outgoing redirect URL, then it is
possible for third parties to exploit this artifact of your web site in a wide
variety of nasty ways."

[http://security.stackexchange.com/questions/57143/can-
someon...](http://security.stackexchange.com/questions/57143/can-someone-
explain-the-covert-redirect-vulnerability-in-oauth-and-openid)

