Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw
July 29, 2024 at 08:18AM Salt Labs, the research arm of API security firm Salt Security, has uncovered a cross-site scripting (XSS) attack affecting numerous websites, including major companies like HotJar and Business Insider. The attack exploits OAuth implementation, potentially leading to complete account takeovers. Salt Labs released its findings and a free scanner to … Read more