Hacker News
by user5994461 2175 days ago
>>> It’s also surprising to see MS has mistakes like that in the auth flow.

Having worked on authentication code across companies, this is really the typical kind of mistake one sees. Nothing special to MS.

It's not even a simple stupid bug, like allowing open redirections. There were some checks on the domain, and an abandoned whitelisted domain that could be acquired by a new user.