INTRO While testing a private bug bounty program that enables users to log in using their social media accounts, I noticed that most of the OAuth flow happened on a completely different domain that...

INTRO In this blog post, I will discuss an interesting security bypass I found which allowed me to leak OAuth access tokens via a postMessage. This bug would've enabled an attacker to connect a vic...