Overview#
Mix-up attacks is an Attack on OAuth 2.0 (or OpenID Connect) wherein the attacker manages to convince the client to send credentials (Authorization Code or Access_token) obtained from an "honest" Authorization Server to a server under the attacker’s control.
Pushed Authorization Requests help to eliminate Mix-up attacks.
More Information#
There might be more information for this subject on one of the following:- [#1] - Mix-Up, Revisited
- based on information obtained 2022-03-19
Please see our Copyright And Intellectual Property Page and Standard Disclaimer Pages!