writeups.xyz / Bruno Crispo
| Title | Vulnerabilities | Programs | Authors |
| --- | --- | --- | --- |
| OAuth 2.0 Redirect URI Validation Falls Short, Literally | OAuth, Path Confusion, Open Redirect, HTTP Parameter Pollution, Account Takeover | Atlassian, Meta / Facebook, GitHub, Microsoft, Yahoo! / Verizon Media, LinkedIn, Slack, VK, LINE, AuthDigital (Naver), OK, ORCID | Tommaso Innocenti (@Innotommy), Matteo Golinelli, Kaan Onarlioglu, Ali Mirheidari, Bruno Crispo, Engin Kirda |
| Web Cache Deception Escalates! | Web Cache Deception | Undisclosed | Ali Mirheidari, Matteo Golinelli, Kaan Onarlioglu, Engin Kirda, Bruno Crispo |
| You’ve Got (a Reset) Mail: A Security Analysis of Email-Based Password Reset Procedures | Password Reset, Host Header Injection, CSRF, Account Takeover | Undisclosed | Tommaso Innocenti (@Innotommy), Ali Mirheidari, Amin Kharraz (@Amin_kharaz), Bruno Crispo, Engin Kirda |