OAuth vulnerabilities affect Booking.com

Salt Labs, the research division of Salt Security, has reported several critical vulnerabilities in the implementation of the Open Authorization (OAuth) login functionality used by Booking.com, which could affect users accessing the site via their Facebook account.

According to the research, compromising user accounts and servers through these vulnerabilities could allow the leakage of personally identifiable information (PII) and the impersonation of users to make, for example, bookings, cancellations or requests for transport services.