X (Formerly Twitter): Bypassing Digits bridge origin validation
Hi, I would like to report an issue in the bridge proxy in Digits which allows attacker to retrieve the OAuth credential data of an application victims authorized. Detail In the Digits Web SDK, the method getLoginStatus can be used to retrieve the OAuth credential data of an application if the us...