Skip to content
July 15, 2026
☍ CyberNoz
  • Home
Home›Mix›CSRF protection on OIDC login is broken
Mix

CSRF protection on OIDC login is broken

Cybernoz
April 8, 2023 1 min read
Share X / Twitter LinkedIn Reddit WhatsApp Email



Nextcloud disclosed a bug submitted by mikaelgundersen: https://hackerone.com/reports/1878381



Source link

Share X / Twitter LinkedIn Reddit WhatsApp Email
« Previous
Top 3 Most Dangerous Lines of Code
Next »
Unveiling the Wild World of Bug Bounties

Related Articles

All Mix →
Nothing In, Nothing Out Mix

Nothing In, Nothing Out

High quality intellectual output comes from high-quality intellectual input. People who don’t consume ideas tend not to have any. And if they do have some,…

April 16, 2025 Cybernoz 1 min read
Interesting Web Data from a Day on the Front Page of Hacker News Mix

Interesting Web Data from a Day on the Front Page of Hacker News

I spent yesterday on the front page of Hacker News for my git primer, which resulted in over 12K page views and some fascinating insight…

April 19, 2025 Cybernoz 1 min read
HackerOne and Zoom Select EverythingALS as the Latest Charity For Mix

HackerOne and Zoom Select EverythingALS as the Latest Charity For #Hackforgood

“Supporting a cure for ALS is important to Zoom both from a social responsibility standpoint and in terms of its impact on employee engagement, brand…

May 3, 2024 Cybernoz 2 min read
The story behind HackerOnes first anniversary gift for employees Mix

The story behind HackerOne’s first anniversary gift for employees

The HackerOnesie instantly became famous the day it was introduced in 2017. Although it has been known to carry magical powers, it is now one…

October 19, 2023 Cybernoz 1 min read
Integrating Mermaid.js in Zola | HAHWUL Mix

Integrating Mermaid.js in Zola | HAHWUL

Table of Contents 1. Creating a Shortcode 2. Adding the Mermaid.js Library CDN Approach (Initial Method) Internalizing with Local Files (Optimization) 3. Optimizing the Rendering…

June 17, 2025 Cybernoz 3 min read
8 Tips for writing effective bug bounty reports Mix

8 Tips for writing effective bug bounty reports

Table of Contents Examples of effective report titles Add mitigation advice Format for clarity Include supporting materials Common pitfalls to watch for Tip 8: Maintain…

March 27, 2025 Cybernoz 6 min read

Latest Posts

  • Microsoft discloses ‘the mother of all’ vulnerability loads, tripling June’s previous record
  • Australian critical infrastructure urged to tighten router security after Russian cyber warning
  • Microsoft is forcing an enterprise transition to passkeys
  • Microsoft’s Secure Boot has been broken for a decade and no one noticed until now
  • ICYMI: June 2026 @AWS Security
  • Agbi
  • ArsTechnica
  • AttackDefense
  • Australiancybersecuritymagazine
  • Bankinfosecurity
  • Bleeping Computer
  • CISOOnline
  • CloudSecurity
  • ComputerWeekly
  • Crowdstrike
  • Cyber Security Ventures
  • CyberDefenseMagazine
  • CyberNews
  • Cyberscoop
  • CyberSecurity-Insiders
  • CyberSecurityDive
  • CyberSecurityNews
  • CyberWire
  • DarkReading
  • ExploitOne
  • GBHackers
  • Genel
  • HackerCombat
  • HackRead
  • HelpnetSecurity
  • IndustrialCyber
  • InfoSecurity
  • ITnews
  • ITSecurityGuru
  • Krebson
  • MalwareBytes
  • Mix
  • OTSecurity
  • PortSwigger
  • Rapid7
  • SCMP
  • securelist
  • Securityaffairs
  • SecurityWeek
  • techcrunch
  • TheCyberExpress
  • TheHackerNews
  • ThreatIntelligence-IncidentResponse
  • Tldrsec
  • Unit42
  • VendorResearch
  • welivesecurity
  • Wired
  • Zerosalarium
☍ CyberNoz

Cybersecurity News

  • Agbi
  • ArsTechnica
  • AttackDefense
  • Australiancybersecuritymagazine
  • Bankinfosecurity
  • Bleeping Computer
  • CISOOnline
  • CloudSecurity
  • ComputerWeekly
  • Crowdstrike
  • Cyber Security Ventures
  • CyberDefenseMagazine
  • CyberNews
  • Cyberscoop
  • CyberSecurity-Insiders
  • CyberSecurityDive
  • CyberSecurityNews
  • CyberWire
  • DarkReading
  • ExploitOne
  • GBHackers
  • Genel
  • HackerCombat
  • HackRead
  • HelpnetSecurity
  • IndustrialCyber
  • InfoSecurity
  • ITnews
  • ITSecurityGuru
  • Krebson
  • MalwareBytes
  • Mix
  • OTSecurity
  • PortSwigger
  • Rapid7
  • SCMP
  • securelist
  • Securityaffairs
  • SecurityWeek
  • techcrunch
  • TheCyberExpress
  • TheHackerNews
  • ThreatIntelligence-IncidentResponse
  • Tldrsec
  • Unit42
  • VendorResearch
  • welivesecurity
  • Wired
  • Zerosalarium
Archive
  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
© 2026 Cybernoz. All rights reserved.