QIWI: [qiwi.com] Oauth захват аккаунта

2016-08-15T16:44:44
ID H1:159507
Type hackerone
Reporter kxyry
Modified 2016-11-26T06:55:30

Description

CSRF in implementation of oAuth protocol allows attackers takeover the account of any user. CSRF in implementation of oAuth protocol allows attackers takeover the account of any user.