Ross Penny
Adversaries Can “Log In with Microsoft” through the nOAuth Azure Active Directory Vulnerability
On June 20, 2023, Descope published research detailing how a combination of a flaw in Azure Active Directory and poorly integrated third-party applications — dubbed “nOAuth” — could lead to full accou[…]