Three brand new OAuth2 and OpenID Connect vulnerabilities discovered by @artsploit, with demos on MITREid Connect and ForgeRock OpenAM implementations. Contents:

• Dynamic Client Registration - SSRF by design (CVE-2021-26715)
• "redirect_uri" Session Poisoning (CVE-2021-27582)
• "/.well-known/webfinger" makes all user names well-known

https://portswigger.net/research/hidden-oauth-attack-vectors