Login CSRF is a well-known vulnerability that allows an attacker to hijack a victim’s browser to login to an application using the attacker’s own credentials. This paper applies a similar concept on an application using federated identities. Specifically, we will walkthrough a CSRF issue that can creep into an application that uses OpenID Connect and Oauth 2.0, where more than one identities for a user needs to be linked together. We look at the conditions under which such a Federated Login CSRF may occur and mitigations for the same.
