writeups.xyz / nOAuth: How Microsoft OAuth Misconfiguration Can Lead to Full Account Takeover

Submitter : c2a

Date: 20 June 2023

Bounty : undisclosed

Vulnerabilities :

Programs :

Microsoft (Azure AD)

Authors :

Descope (@Descopeinc)

Link :
https://www.descope.com/blog/post/noauth