Covert Redirect Is Just a Flaw It’s Not Another Heartbleed

Posted by:

covert redirect is no heartbleedBut That Doesn’t Mean Its Not A Problem

On Friday, a PhD student at the Nanyang Technological University in Singapore, Wang Jing, published a report focused on a method of attack called “Covert Redirect,” promoting it as a vulnerability in OAuth 2.0 and OpenID. Yet Jing’s contention of security flaws in OAuth and OpenID has serious flaws of its own, according ...

Read More →
SEC Cybersecurity Exams