Actually, the CVE-2023-283131 vulnerability was published with the full details just two days ago. In April Expo published a short post but without too much technical information.
You can find more details about CVE-2023-283131 in the link I shared here:
https://salt.security/blog/a-new-oauth-vulnerability-that-ma....
Thank you for bringing up the distinction, and I agree that OpenID can help address some of the issues, but not all of them...