OAuth2 XSS Authorization Server II: Exploitation with an iframe

image of exercise OAuth2 XSS Authorization Server II: Exploitation with an iframe
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
OAuth2 XSS Authorization Server II: Exploitation with an iframe

In this video, we dive into exploiting XSS on an OAuth2 Authorization Server using an iframe to automate the authorization process. We demonstrate how to create a malicious OAuth application, leverage XSS to perform a CSRF attack, and ultimately retrieve an authorization token.

video duration icon05:42 number of views icon548