JOURNAL ARTICLE

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations.

  • Published In: CSO Forum, 2023. P. 1 1 of 2

  • Database: Applied Science & Technology Source Ultimate 2 of 2

Abstract

The article reports that Booking.com, one of the world's largest online travel agencies, has patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to customer accounts by simply tricking them into clicking a link. It mentions attacker could have taken over accounts of users logging in via Facebook. It also mentions security breach in OAuth can lead to identity theft, financial fraud, and access to all sorts of personal information.

Additional Information

  • Source:CSO Forum. 2023/03, p1
  • Document Type:Article
  • Subject Area:Library and Information Science
  • Publication Date:2023
  • Accession Number:162226508

Looking to go deeper into this topic? Look for more articles on EBSCOhost.