All major OAuth 2.0 and OpenID providers, such as Facebook, Google, Yahoo, LinkedIn and Microsoft, have been affected by a serious covert redirect vulnerability.
According to Jing Wang, a doctorate student in mathematics at the Nanyang Technological University in Singaporeg, the vulnerability could lead to open redirect attacks to both clients and providers of OAuth 2.0 or OpenID.
“For OAuth 2.0, these attacks might jeopardize the token of the site users, which could be used to access user information,” wrote Wang in a blog. “In the case of Facebook, the information could include the basic ones, such as email address, age, locale, work history, etc. If the token has greater privilege (the user needs to consent in the first place though), the attacker could obtain more sensitive information, such as mailbox, friends list and online presence, and even operate the account on the user’s behalf.”