writeups.xyz / Firas Fatnassi (@Fatnass1F1ras)

Title	Vulnerabilities	Programs	Authors
Cross-Tenant Information Disclosure: Unraveling Microsoft Connections, Custom Connectors, and OAuth 2.0 in Power Automate	OAuth Cross-Tenant Vulnerability	Microsoft	Firas Fatnassi (@Fatnass1F1ras)
A tale of 0-Click Account Takeover and 2FA Bypass.	Account Takeover Password Reset 2FA / MFA Bypass	Undisclosed	Firas Fatnassi (@Fatnass1F1ras)
How I was able to take over any account via the Password Reset Functionality.	Password Reset Account Takeover	Undisclosed	Firas Fatnassi (@Fatnass1F1ras)

Page 1 of 1