omniauth-microsoft_graph is vulnerable to Improper Authentication. The vulnerability is due to missing validation of the email attribute received from Microsoft's OAuth service. This allows an attacker to bypass the email verification in the OAuth process and takeover an…Read More