oauth-protocol

OAuth found that a malicious user had successfully exploited them, and that the attacker might have seized control of users who were logging in through Facebook.

With full access to the account and knowledge of every user's personal data, the attacker could have taken any action on behalf of the compromised users.

Booking.com was made aware of all the problems detailed in this article and took immediate action to resolve and fully mitigate them.

After receiving the Salt Security report, their teams reviewed the information right away and determined that the Booking.com platform had not been compromised. The vulnerability was then quickly fixed.

Source: https://salt.security/blog/traveling-with-oauth-account-takeover-on-booking-com

"id": "OAU4393723",
"linkid": "oauth-protocol",
"type": "Breach",
"date": "03/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"