https://arxiv.org/pdf/2205.10174.pdf
Wow. This maybe quite bad for people who are generally account-creation-averse. Sounds like the victim can't always detect this.
Accounts can be "pre-hijacked" on sites that allow multiple login methods
Accounts can be "pre-hijacked" on sites that allow multiple login methods
*Always* check the changelogs BEFORE updating that important software!
-
Re: Accounts can be "pre-hijacked" on sites that allow multiple login methods
A bit easier read, bleepingcomputer, Hackers can hack your online accounts before you even register them.
---
Similar exploit was also mentioned regarding Oauth2 (& Google & Facebook specifically).
Security Warning For Facebook Users Who Login With Gmail OAuth Code
---
Similar exploit was also mentioned regarding Oauth2 (& Google & Facebook specifically).
Security Warning For Facebook Users Who Login With Gmail OAuth Code
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0 SeaMonkey/2.53.13