Cybersecurity researchers have revealed that a now-patched vulnerability had exposed millions using a popular online travel service to account hijacking. The flaw allowed attackers to gain access to any account within the system, which could lead to impersonation. If the vulnerability was exploited, millions of online airline users would have been at risk. While the name of the company was not disclosed, researchers said the service is integrated into “dozens of commercial airline online services.” 

Read more: https://thehackernews.com/2025/01/oauth-redirect-flaw-in-airline-travel.html