WebApp Sec mailing list archives
CSRF attacks against OAuth
From: "Jake Spekle" <jake.spekle () gmail com>
Date: Mon, 3 Nov 2008 09:23:18 -0500
I came across this blog post this morning and thought it was interesting and worth posting here: http://blog.cliqset.com/2008/11/02/csrf-and-oauth/ Considering what OAuth is designed for, it seems like CSRF attacks against it could prove to be quite fruitful for an attacker. - JS ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- CSRF attacks against OAuth Jake Spekle (Nov 03)