Authentication

Bugs showcase #2: Privilege escalation using improper preservation of permissions during the OAuth app installation

‎

This post describes two account takeover vulnerabilities w/o user interaction resulting from multiple omissions in the OTP implementations.

This post contains 11 methods of MFA bypassing