Content Spoofing In Moneybird
M
Moneybird
Submitted None
Team Summary
Official summary from Moneybird
Reporter found a content spoofing vulnerability in an OAuth related endpoint that reflected custom text present from the URL in the body. We have taken measurements to prevent this problem in the future.
Actions:
Reported by
a5tronaut
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Violation of Secure Design Principles