Critical ‘nOAuth’ Flaw in Microsoft Azure AD Enabled Complete Account Takeover
Jun 21, 2023Ravie LakshmananAuthentication / Vulnerability A security shortcoming in Microsoft Azure Active Directory (AD) Open Authorization (OAuth) process could have been exploited to achieve full account takeover, researchers said. California-based identity and access management service Descope, which discovered and reported the issue in April 2023, dubbed it nOAuth. “nOAuth