LinkedIn: Forced OAuth authorization using button ID in hash and holding space

The vulnerability allowed attackers to conduct a social engineering attack to trick users into authorizing a third-party app to bind to their LinkedIn account without explicit consent. The attack exploited the OAuth process by using a button ID in the hash and requiring the user to press and hold...