This is version 1 2 3 . It is not the current version, and thus it cannot be edited.

Back to current versionRestore this version

Overview#

Mix-up attacks is an Attack on OAuth 2.0 (or OpenID Connect) wherein the attacker manages to convince the client to send credentials (Authorization Code or Access_token) obtained from an "honest" Authorization Server to a server under the attacker’s control.

More Information#

There might be more information for this subject on one of the following:

• OAuth 2.0 Authorization Server Issuer Identification

---

• [#1] - Mix-Up, Revisited - based on information obtained 2022-03-19