CyberSecurity updates
2025-01-30 09:08:21 Pacific

OAuth Flaw in Airline Travel Integration - 1d
Read more: thehackernews.com

A critical OAuth redirect flaw has been discovered in an airline travel integration service, putting millions of users at risk of account hijacking. Cybersecurity researchers disclosed the now-patched vulnerability, which could have allowed attackers to gain unauthorized access to user accounts. The flaw was identified in a popular online travel service for hotel and car rentals that integrates with numerous airline services. Attackers could have used it to impersonate victims, access their personal information, modify bookings and even book services with their loyalty points. The incident highlights the risk posed by API supply chain attacks, where exploiting a weaker link in an ecosystem can provide access to sensitive data.

The vulnerability involved manipulating a 'tr_returnUrl' parameter during the OAuth authentication process. By crafting a malicious link, attackers could redirect authentication tokens to servers under their control. Once a user clicked the link and logged into their airline account, the attacker would intercept the tokens and gain full access to the victim's travel account. The attack is hard to detect because the malicious links used the legitimate domain, so standard detection methods would not flag them. The issue has since been addressed, with the service implementing a fix that validates the return URL parameter before redirecting.
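The fix described above is an allowlist check on the return URL. The following is an added example of such a check, not the affected service's code; the hostnames and the parameter handling are assumptions, and it covers the bypass shapes a reviewer would expect a redirect validator to reject (foreign hosts, userinfo tricks, protocol-relative URLs, backslashes, non-https schemes, odd ports).

```python
from typing import Optional
from urllib.parse import urlsplit, urlunsplit

# Constructed allowlist: the real service's hosts are not named in the report.
ALLOWED_RETURN_HOSTS = {"travel.example.com", "book.example.com"}
CANONICAL_HOST = "travel.example.com"
DEFAULT_RETURN = "https://travel.example.com/"


def safe_return_url(candidate: Optional[str]) -> str:
    """Return a redirect target that is guaranteed to stay on an allowlisted host.

    Anything that does not validate falls back to DEFAULT_RETURN, so a tampered
    tr_returnUrl can never send the post-login redirect (and its tokens) to a
    host the attacker controls.
    """
    if not candidate:
        return DEFAULT_RETURN
    # Backslashes and whitespace/control characters are normalised differently by
    # browsers and URL parsers; refuse them rather than guess how they resolve.
    if "\\" in candidate or any(c.isspace() or ord(c) < 0x20 for c in candidate):
        return DEFAULT_RETURN
    try:
        parts = urlsplit(candidate)
        # Same-origin relative path: exactly one leading slash ("//host" is
        # protocol-relative and must not be treated as a path).
        if candidate.startswith("/") and not candidate.startswith("//"):
            if parts.scheme or parts.netloc:
                return DEFAULT_RETURN
            return urlunsplit(("https", CANONICAL_HOST, parts.path, parts.query, ""))
        # Absolute URL: scheme must be https and the *parsed* hostname must be on
        # the allowlist. parts.hostname is lowercased and excludes userinfo, so
        # "https://travel.example.com@evil.example/" resolves to evil.example.
        if parts.scheme.lower() != "https":
            return DEFAULT_RETURN
        host = parts.hostname
        if host is None or host not in ALLOWED_RETURN_HOSTS:
            return DEFAULT_RETURN
        # No embedded credentials and no non-standard port; .port raises
        # ValueError on a non-numeric port, which the except below catches.
        if parts.username is not None or parts.port not in (None, 443):
            return DEFAULT_RETURN
        # Rebuild the URL from validated pieces; the fragment is dropped so no
        # attacker-supplied fragment rides along on the redirect.
        return urlunsplit(("https", host, parts.path or "/", parts.query, ""))
    except ValueError:
        return DEFAULT_RETURN
```

Logging every fallback to DEFAULT_RETURN with the rejected value gives detection a signal for tampered return URLs that the legitimate-domain links would otherwise hide.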