Hidden OAuth attack vectors

https://portswigger.net/research/hidden-oauth-attack-vectors

I wrote this article while working at the PortSwigger Research team.