Hijacking OAuth Flows via Cookie Tossing
This article explores how cookie tossing attacks can hijack OAuth flows, potentially leading to account takeovers at the Identity Provider (IdP).
https://snyk.io/articles/hijacking-oauth-flows-via-cookie-tossing/
Learn about Cookie Tossing attacks, a rarely explored technique to hijack OAuth flows and enable account takeovers at Identity Providers (IdPs). Discover its implications, real-world examples, and how to safeguard applications using the __Host- cookie prefix.
