Internet Bug Bounty: open redirect in rfc6749
OAuth Providers servers that strictly follow rfc6749 are vulnerable to open redirect. Let me explain, reading 0 If the request fails due to a missing, invalid, or mismatching redirection URI, or if the client identifier is missing or invalid, the authorization server SHOULD inform the resource...