!!! Overview
[{$pagename}] is an [Attack] on [OAuth 2.0] (or [OpenID Connect]) wherein the [attacker] manages to convince the [client|OAuth Client] to send [credentials] ([Authorization Code] or [Access_token]) obtained from an "honest" [Authorization Server] to a server under the [attacker]’s control.


[Pushed Authorization Requests] help to eliminate [{$pagename}].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Mix-Up, Revisited
|https://danielfett.de/2020/05/04/mix-up-revisited/|target='_blank'] - based on information obtained 2022-03-19