by melville_X
4438 days ago
From the Q&A: > Covert Redirect is based on vulnerability Open Redirect. An open redirect is an application that takes a parameter and redirects a user to the parameter value without any validation (OWASP). So Covert Redirect is an application that takes a parameter and redirects a user to the parameter value with improper validation. Usually this is the result of overconfidence of its partnership. Seems like a known flaw in OAuth2.
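The distinction drawn in the quoted Q&A (no validation versus improper validation of the redirect parameter), shown as an added example that is not part of the comment above. It compares both with exact matching against pre-registered URIs; the hostnames, the registered callback and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed values; not taken from any real provider or client.
REGISTERED_REDIRECTS = {"https://client.example/oauth/callback"}
TRUSTED_DOMAIN = "client.example"


def no_validation(redirect_uri):
    """Open redirect: whatever the parameter holds is accepted."""
    return True


def domain_only_validation(redirect_uri):
    """Improper validation: any URL on the partner's domain is trusted."""
    host = urlsplit(redirect_uri).hostname or ""
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


def exact_match_validation(redirect_uri):
    """Strict validation: full-string match against registered URIs."""
    return redirect_uri in REGISTERED_REDIRECTS


CHECKS = {
    "none": no_validation,
    "domain-only": domain_only_validation,
    "exact-match": exact_match_validation,
}

# Constructed sample parameter values.
SAMPLES = [
    "https://client.example/oauth/callback",                         # registered
    "https://client.example/go?url=https%3A%2F%2Fother.example%2F",  # same domain, unregistered path
    "https://other.example/",                                        # unrelated host
    "https://client.example.other.example/oauth/callback",           # lookalike host
]


def audit(samples):
    """Return {uri: [names of checks that accept it]}."""
    return {u: [n for n, check in CHECKS.items() if check(u)] for u in samples}


if __name__ == "__main__":
    for uri, accepted_by in audit(SAMPLES).items():
        print(f"{uri}\n    accepted by: {', '.join(accepted_by)}")
```

The second sample is the case the quote attributes to overconfidence in a partner: it passes the domain-level check yet is not the registered callback, so only exact matching rejects it.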