Lichess: Open Redirect Vulnerability in OAuth Flow Leading to Potential Phishing Attack
Summary: An open redirect vulnerability exists in the OAuth flow on lichess4545.com. By manipulating the redirecturi parameter during the OAuth authorization process with Lichess, an attacker can redirect users to an arbitrary external domain e.g., example.com after login. This could be exploited...