LinkedIn has fixed a flaw in its website that allowed OAuth tokens to be stolen.
British software engineer Richard Mitchell found he could steal OAuth tokens over HTTP thanks to formerly weak authentication within an interstitial page in LinkedIn's help site.
"I quickly found a request to a JavaScript file including the API key for the help system which immediately returned an OAuth token for the user," Mitchell said.
"You shouldn’t trust JavaScript or the referer header exclusively for any kind of authorisation policy."
LinkedIn fixed the flaw on 5 July two days after it was reported and sent Mitchell a t-shirt for his effort.
_(33).jpg&h=140&w=231&c=1&s=0)
_(37).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
