Razer US: CORS Misconfiguration leading to disclosure of access_token and account takeover!
The researcher discovered that the SSO endpoint for oauth2.razerzone.com, which is a web API server for our Razer ID architecture, did not properly validate the Origin header of the caller. This would allow any caller to obtain a user's access token, which, combined with other techniques, could...
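An added illustration of the bug class described above, not code from the report or from Razer's servers: the first handler reflects whatever Origin the caller sends together with credentials, which is the pattern that lets any site read a token response cross-origin; the second only emits CORS headers for an exact-match allowlist and rejects the usual edge cases (null origin, look-alike suffix domains, scheme downgrades). The allowlist entries are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allowlist; the real trusted origins for the Razer ID flow are not on the page.
ALLOWED_ORIGINS = frozenset({
    "https://razerid.razer.com",
    "https://oauth2.razerzone.com",
})


def cors_headers_reflecting(origin):
    """Weak pattern: echo the caller's Origin and allow credentials.

    Any origin, including an attacker-controlled page, is granted read access
    to the response body, so a token endpoint behind this leaks the token.
    """
    if origin is None:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
    }


def is_trusted_origin(origin):
    """Exact-match origin check: scheme, host and port must all match an allowlisted origin."""
    if not origin or origin == "null":  # "null" is sent by sandboxed iframes and file:// pages
        return False
    parts = urlsplit(origin)
    # A real Origin header carries no path, query or fragment; anything else is malformed.
    if parts.scheme != "https" or not parts.netloc or parts.path or parts.query or parts.fragment:
        return False
    # Comparing the whole "scheme://host[:port]" defeats suffix tricks like razer.com.evil.example.
    return f"{parts.scheme}://{parts.netloc}".lower() in ALLOWED_ORIGINS


def cors_headers_allowlisted(origin):
    """Hardened pattern: CORS headers only for trusted origins, with Vary so caches
    never serve one origin's Allow-Origin value to another."""
    if not is_trusted_origin(origin):
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }
```

On a live endpoint the same check belongs on the preflight (OPTIONS) response as well as the actual token response, since browsers gate the credentialed request on both.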