(Web-)Insecurity Blog | Sign-in with World ID: XSS and ATO via OIDC Form Post Response Mode

https://security.lauritz-holtmann.de/advisories/tfh-form_post-xss-ato/

https://twitter.com/home/status/1803424243121561903

https://twitter.com/home/status/1803456141973922129

https://twitter.com/home/status/1803496064709767473