Security hole compromises OAuth providers

Posted by Scott_Ruecker on Apr 23, 2009 7:23 PM
By Heise
Mail this story
Web version

A flaw in the open OAuth online authentication protocol has prompted major OAuth providers like Twitter and Yahoo to suspend their support of this protocol and stop offering this service for the time being. The security hole allows attackers to trick their way into obtaining user data. The OAuth protocol will need to be updated to fix the vulnerability.

Full Story

Printed at http://lxer.com/module/newswire/view/119331/index.html