The now-fixed vulnerability involved a major travel services company that’s integrated with dozens of airline websites worldwide.
First seen on darkreading.com
Jump to article: www.darkreading.com/application-security/oauth-flaw-exposed-millions-airline-users-account-takeovers
