Posted by vishnu raju on May 31

Hi List,
Greetings from Vishnu(@dH4Wk)

This is a responsible disclosure. Google brushed of this finding, as in
their point of view everything works as intended :-P..

*Summary*
Google’s OAuth is used by many third party vendors to authenticate their
users.

Condition for the bug to be exploited:
An active Google session

*Affected Parties*:
[1] Google users
[2] Third parties who use google OAuth

Affected Security Aspects
[1]…