OAuth+XSS Attack Threatens Millions of Web Users With Account Takeover
July 29, 2024 at 10:50AM Recent security research by Salt Security’s Salt Labs revealed critical API security flaws in both Hotjar and Business Insider, exposing millions of users to potential account takeover. The flaws involve manipulating the OAuth standard with cross-site scripting, potentially enabling attackers to access sensitive data. The researchers warn that similar vulnerabilities … Read more