NoSQL + Open Redirect

Swissky
2024-11-29 22:08:58 +01:00
parent 6795bee1c4
commit 29f46934ac
5 changed files with 140 additions and 164 deletions

@@ -8,7 +8,7 @@
- [Stealing OAuth Token via referer](#stealing-oauth-token-via-referer)
- [Grabbing OAuth Token via redirect_uri](#grabbing-oauth-token-via-redirect---uri)
- [Executing XSS via redirect_uri](#executing-xss-via-redirect---uri)
- [OAuth private key disclosure](#oauth-private-key-disclosure)
- [OAuth Private Key Disclosure](#oauth-private-key-disclosure)
- [Authorization Code Rule Violation](#authorization-code-rule-violation)
- [Cross-Site Request Forgery](#cross-site-request-forgery)
- [Labs](#labs)
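Review bot: The capitalization cleanup in this table of contents is incomplete: the "OAuth Private Key Disclosure" entry now matches the title-cased entries below it ("Authorization Code Rule Violation", "Cross-Site Request Forgery"), but the three entries above it still end in lower case ("via referer", "via redirect_uri"). Either normalize those entries and their headings in the same commit or state the intended convention in the commit message, which currently mentions only "NoSQL + Open Redirect". Keeping the `#oauth-private-key-disclosure` anchor as is looks right, since the lower-cased slug of the new heading is the same.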
@@ -52,7 +52,7 @@ https://example.com/oauth/v1/authorize?[...]&redirect_uri=data%3Atext%2Fhtml%2Ca
```
## OAuth private key disclosure
## OAuth Private Key Disclosure
Some Android/iOS app can be decompiled and the OAuth Private key can be accessed.
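Review bot: The sentence directly under the renamed heading is left untouched and still reads "Some Android/iOS app can be decompiled and the OAuth Private key can be accessed", with a number disagreement ("Some ... app") and "Private" capitalized but "key" not. Since this hunk already edits the section, fix it here, for example "Some Android/iOS apps can be decompiled and the OAuth private key can be accessed". The section also stops at that one sentence in the visible context; a short line on what a defender should do about it (do not ship the private key inside the mobile client) would make the entry more useful.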