nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery

Nine out of 104 SaaS applications found to be vulnerable to Entra ID cross-tenant nOAuth abuse. Attack could enable malicious actors to achieve account takeovers in susceptible software-as-a-service.