[Amdatu-developers] [JIRA] Closed: (AMDATUAUTH-43) Add fix for oAuth session fixation vulnerability

Ivo Ladage - van Doorn (JIRA) Wed, 03 Aug 2011 06:48:55 -0700

     [ 
http://jira.amdatu.org/jira/browse/AMDATUAUTH-43?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ivo Ladage - van Doorn closed AMDATUAUTH-43.
--------------------------------------------

    Assignee: Ivo Ladage - van Doorn

> Add fix for oAuth session fixation vulnerability
> ------------------------------------------------
>
>                 Key: AMDATUAUTH-43
>                 URL: http://jira.amdatu.org/jira/browse/AMDATUAUTH-43
>             Project: Amdatu Auth
>          Issue Type: Improvement
>          Components: OAuth server
>    Affects Versions: 0.1.0
>            Reporter: Ivo Ladage - van Doorn
>            Assignee: Ivo Ladage - van Doorn
>             Fix For: 0.2.0
>
>
> See 
> http://hueniverse.com/2009/04/explaining-the-oauth-session-fixation-attack/
> A generated token should be added to the callback URL, that should fix this 
> vulnerability

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        
_______________________________________________
Amdatu-developers mailing list
[email protected]
http://lists.amdatu.org/mailman/listinfo/amdatu-developers

[Amdatu-developers] [JIRA] Closed: (AMDATUAUTH-43) Add fix for oAuth session fixation vulnerability

Reply via email to