PlayStation: Access Token Smuggling from my.playstation.com via Referer Header
I discovered a way to smuggle an access token from my.playstation.com via Referer header through chain of open redirection vulnerability. On my investigation of authentication flow I found this endpoint with potential site for open redirect vulnerability...