1. MSAL Token Cache in localStorage Exposes OAuth Credentials to XSS Exploitation on Smart Device Platform
A security advisory has flagged a medium-severity vulnerability in the authentication layer of a connected device platform, where the Microsoft Authentication Library (MSAL) stores OAuth tokens in browser localStorage—a storage mechanism accessible to any JavaScript executing on the page. The flaw is embedded in the fr...