Tags » OpenID

Serious Covert Redirect Vulnerability Found in OAuth 2.0 and OpenID


Following in the steps of the OpenSSL vulnerability Heartbleed, a serious Covert Redirect vulnerability related to OAuth 2.0 and OpenID has been found. Almost all major providers of OAuth 2.0 and OpenID are affected, such as Facebook, Google, Yahoo, LinkedIn, Microsoft, PayPal, GitHub, QQ, Taobao, Weibo, VK, Mail.Ru, Sohu, etc.


OpenID server updated and reinstalled

Yubico’s OpenID server has been updated to the latest version and moved to a new machine. Please report any issues you encounter.
