2 Videos for OAuth2: Authorization Server XSS II

In this video, we delve into the OAuth2 exercise within the authorization server challenge, part of the authentication and authorization badge. We explore the intricacies of OAuth2 authorization code flow and demonstrate how to exploit XSS vulnerabilities to gain unauthorized access to resources.

In this video, we dive into exploiting XSS on an OAuth2 Authorization Server using an iframe to automate the authorization process. We demonstrate how to create a malicious OAuth application, leverage XSS to perform a CSRF attack, and ultimately retrieve an authorization token.