This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview
[{$pagename}] is an [Attack] in which an [Attacker] sets up a [Malicious] [Endpoint].
[{$pagename}] in [OAuth 2.0] and [OpenID Connect] is a class of [Attack] involving the information returned in the [Authorization Response], in which the [OAuth Client] can be tricked into using inconsistent sets of [metadata] from multiple [Authorization Servers], including potentially using a [token] [endpoint] that does not belong to the same [Authorization Server] as the authorization [endpoint] used.
Some research publications refer to these as IdP Mix-Up and [{$pagename}] [attacks].
In [{$pagename}], the [Attacker] acts as a [Man-In-The-Middle] between the [OAuth Client] and the "intended" [Authorization Server].
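
A client-side check against the inconsistency described above, as an added example that is not part of the original page: the client records which Authorization Server each flow was started with and takes the token endpoint only from that server's metadata. It assumes the Authorization Server returns the iss parameter defined in RFC 9207; the host names, AS_METADATA, MixUpError and both function names are hypothetical.

```python
import secrets

# Constructed sample metadata for two authorization servers (hypothetical hosts).
AS_METADATA = {
    "https://as-one.example": {
        "authorization_endpoint": "https://as-one.example/authorize",
        "token_endpoint": "https://as-one.example/token",
    },
    "https://as-two.example": {
        "authorization_endpoint": "https://as-two.example/authorize",
        "token_endpoint": "https://as-two.example/token",
    },
}


class MixUpError(Exception):
    """The response cannot be tied to the AS this flow was started with."""


def start_flow(sessions, issuer):
    """Bind a fresh state value to the issuer the user is being sent to."""
    if issuer not in AS_METADATA:
        raise MixUpError("unknown issuer")
    state = secrets.token_urlsafe(16)
    sessions[state] = issuer
    return state, AS_METADATA[issuer]["authorization_endpoint"]


def token_endpoint_for_response(sessions, params):
    """Return the token endpoint at which the code may be redeemed."""
    # State is single use: pop it so a replayed response is rejected.
    issuer = sessions.pop(params.get("state", ""), None)
    if issuer is None:
        raise MixUpError("unknown or replayed state")
    iss = params.get("iss")
    # Assumption: strict policy, a response without iss is refused.
    if iss is None:
        raise MixUpError("authorization response carries no iss")
    # Exact string comparison, no URL normalisation.
    if iss != issuer:
        raise MixUpError("iss differs from the AS this flow was started with")
    # Both endpoints come from one metadata set, never from the response.
    return AS_METADATA[issuer]["token_endpoint"]
```
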
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]