Related URLs:
http://zh.wikipedia.org/zh-tw/OAuth
https://www.owasp.org/index.php/Singapore
http://www.aqniu.com/neotech/endpoint/2734.html
http://www.ustcif.com/default.php/content/2128/
http://aga.ustc.edu.cn/news/view?id=2094
http://www.cnvd.org.cn/flaw/show/CNVD-2014-02785
http://www.slideshare.net/woodentwaddle6758/facebook-google-users-threatened-by-new-security-flaw
http://www.theregister.co.uk/2014/05/05/covert_redirect_is_overt_hype_more_heartbleat_than_heartbleed/
http://www.maverickcyberdefense.com/intell-blog/entry/oauth-opnid-security-vulnerbility-03may14
http://soylentnews.org/article.pl?sid=14/05/02/2214247
http://techxplore.com/news/2014-05-math-student-oauth-openid-vulnerability.html
http://phys.org/news/2014-05-math-student-oauth-openid-vulnerability.html
http://mathtuition88.com/2014/05/05/math-news-math-student-detects-oauth-openid-security-vulnerability/
http://www.scmagazine.com/covert-redirect-vulnerability-impacts-oauth-20-openid/article/345407/
http://www.scu.edu/is/secure/blog/index.cfm?b=480&tag=5422
http://blog.kaspersky.com/facebook-openid-oauth-vulnerable/
http://digital-era.net/critical-holes-in-oauth-openid-could-leak-information-redirect-users/
http://blogs.mcafee.com/consumer/what-is-covert-redirect
http://mathfas.wordpress.com/2014/10/11/9/
http://blog.infinity-solutions.jp/2014/05/06/the-next-heartbleed-bug-covert-redirect-flaw/
http://www.appps.jp/88572/
http://scan.netsecurity.ne.jp/article/2014/05/08/34126.html
http://blog.kaspersky.co.jp/facebook-openid-oauth-vulnerable/3558/
http://newvo.jp/408699/OAuth2.0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%28!?%29%22CovertRedirect%22%E3%81%A8%E3%81%AF-OAuth.jp
http://sp05rdcy.jugem.jp/?eid=1934
http://www.megafm.com.br/noticia/falha-de-seguranca-afetam-logins-de-facebook
http://www.opinionesdispersas.net/2014/05/otra-brecha-seguridad.html
http://www.it.co.kr/common/mediaitPrint.php?nSeq=2628799&nBoardSeq=60
http://xakep.ru/62448/
http://blog.kaspersky.fr/des-vulnerabilites-pour-les-boutons-types-sidentifier-avec-facebook/2984/
http://www.blogtogo.de/sicherheitsluecke-in-oauth-2-0-und-openid-gefunden/
http://www.baboo.com.br/seguranca/covert-redirect-o-novo-heartbleed/
http://www.slideshare.net/greentask/maxwells-formulation-differential-forms-on-euclidean-space
http://www.inzeed.com/articles/mathematics/Maxwells-Formulation--Differential-Forms-on-Euclidean-Space.pdf
http://www.inzeed.com/bowen
http://tetraph.com/wangjing
http://tetraph.com/covert_redirect/
http://tetraph.com/covert_redirect/oauth2_openid_covert_redirect.html
http://www.slideshare.net/greentask/dunbars-conjecture-for-planar-graphs-40822284
http://www.inzeed.com/articles/mathematics/dunbars-conjecture-for-planar-graphs.pdf
http://www.slideshare.net/greentask/use-problem-based-and-cooperative-based-strategies-teaching-method
http://www.inzeed.com/articles/teaching/Use-Problem-Based-and-Cooperative-Based-Strategies--Teaching-Method.pdf
http://www.slideshare.net/greentask/delaunay-triangulation-from-2d-delaunay-to-3d-delaunay
http://www.inzeed.com/articles/mathematics/delaunay-triangulation-from-2d-delaunay-to-3d-delaunay.pdf
http://www.slideshare.net/greentask/ss-40847595
http://www.inzeed.com/articles/psychology/Management-Psychology-Research-Paper.pdf
http://www.inzeed.com/honour/wangjing/Outstanding-Undergraduate-Research.pdf
http://www.inzeed.com/honour/wangjing/president-of-student-reporter-union.PDF
http://www.inzeed.com/honour/wangjing/zuaas-trial-walk-winner.PDF
http://zh.wikipedia.org/zh-tw/OAuth
https://www.owasp.org/index.php/Singapore
http://www.aqniu.com/neotech/endpoint/2734.html
http://www.ustcif.com/default.php/content/2128/
http://aga.ustc.edu.cn/news/view?id=2094
http://www.cnvd.org.cn/flaw/show/CNVD-2014-02785
http://www.slideshare.net/woodentwaddle6758/facebook-google-users-threatened-by-new-security-flaw
http://www.theregister.co.uk/2014/05/05/covert_redirect_is_overt_hype_more_heartbleat_than_heartbleed/
http://www.maverickcyberdefense.com/intell-blog/entry/oauth-opnid-security-vulnerbility-03may14
http://soylentnews.org/article.pl?sid=14/05/02/2214247
http://techxplore.com/news/2014-05-math-student-oauth-openid-vulnerability.html
http://phys.org/news/2014-05-math-student-oauth-openid-vulnerability.html
http://mathtuition88.com/2014/05/05/math-news-math-student-detects-oauth-openid-security-vulnerability/
http://www.scmagazine.com/covert-redirect-vulnerability-impacts-oauth-20-openid/article/345407/
http://www.scu.edu/is/secure/blog/index.cfm?b=480&tag=5422
http://blog.kaspersky.com/facebook-openid-oauth-vulnerable/
http://digital-era.net/critical-holes-in-oauth-openid-could-leak-information-redirect-users/
http://blogs.mcafee.com/consumer/what-is-covert-redirect
http://mathfas.wordpress.com/2014/10/11/9/
http://www.electronista.com/articles/14/05/02/google.microsoft.facebook.all.potentially.affected.by.attack.vector/
http://www.chimerarevo.com/internet/covert-redirect-non-heartbleed-perche-167189/
http://www.bankinfosecurity.com/covert-redirect-flaw-big-deal-a-6813
http://digi.163.com/14/0503/08/9RACJBK900162OUT.html
http://tech.ifeng.com/internet/detail_2014_05/03/36130721_0.shtml
http://www.freebuf.com/vuls/33750.html
http://blog.knownsec.com/2014/05/oauth_vulnerability_analysis/
http://network.pconline.com.cn/471/4713896.html
http://www.csdn.net/article/2014-05-04/2819588
http://it.people.com.cn/n/2014/0504/c1009-24969253.html
http://www.360doc.com/content/14/0511/09/9200790_376595021.shtml
http://www.youxia.org/oauth-openid-login-tools-bug.html
http://media.sohu.com/20140504/n399096249.shtml
http://it.rising.com.cn/info/2014-05-04/15575.html
http://www.xianguo.com/article/a254ea6b9981093b5a91bed22991d4d8
http://www.douban.com/note/348973705/
http://www.safedog.cn/news.html?id=1179
http://www.baike.com/wiki/%E9%9A%90%E8%94%BD%E9%87%8D%E5%AE%9A%E5%90%91%E6%BC%8F%E6%B4%9E
http://baike.baidu.com/link?url=S-n7eFQzl8EYDhvDMFnEnLyIlBz6Rk1k5qtNk7raMU9xMl7sIvKrjnwllp8rNPLu3cfNpuznGaSrH82DSF6wQq
http://news.yahoo.com/facebook-google-users-threatened-security-192547549.html
http://www.cnet.com/news/serious-security-flaw-in-oauth-and-openid-discovered/
http://thehackernews.com/2014/05/nasty-covert-redirect-vulnerability.html
http://www.zdnet.com/student-who-exposed-covert-redirect-deflects-findings-away-from-id-protocols-7000029419/
https://news.ycombinator.com/item?id=7685677
http://tech.firstpost.com/news-analysis/after-heartbleed-major-covert-redirect-flaw-threatens-oauth-openid-and-the-internet-222945.html?utm_source=top_stories
http://www.channelnewsasia.com/news/singapore/vigilantes-testing/1386694.html
http://forums.hardwarezone.com.sg/eat-drink-man-woman-16/vigilantes-hacked-into-m1-iphone-website-4827334.html
http://www.allsingaporestuff.com/article/white-hat-hackers-testing-security-computer-systems-singapore
http://www.todayonline.com/singapore/vigilantes-testing-security-it-systems
https://www.xssposed.org/researchers/wangjing/
https://support.bitcasa.com/hc/en-us/articles/202210658-How-To-Responsibly-Report-Security-Concerns
http://www.constantcontact.com/legal/report-vulnerability
https://www.heroku.com/policy/security-hall-of-fame
http://company.nokia.com/en/acknowledgements
http://aq.163.com/module/rank/card.html?id=1571fa56d2c0263641b5536a61de3d87
http://sec.kingsoft.com/heroes/memberDetail/329/
http://sec.sina.com.cn/User/view?code=4abfc6987d3e5582
http://sec.baidu.com/index.php?honor/list/y/2014/m/3/page/2
http://security.jd.com/index.php/Index/montop/y/2014/mo/4/
http://us.blackberry.com/business/enterprise-mobility/mobile-security/incident-response-team/collaborations.html
http://technet.microsoft.com/en-sg/security/cc308575.aspx
http://ebay.com/securitycenter/ResearchersAcknowledgement.html
https://www.airbnb.com.sg/info/security
https://lastpass.com/support_security.php
http://help.getpocket.com/customer/portal/articles/1225832-pocket-security-overview
http://www.cnvd.org.cn/flaw/show/CNVD-2014-02785
http://news.0937.net/newsshow-73936.html
http://www.yzdjbh.com/Article.aspx?Id=236865185771
http://www.zmke.com/i/5376.html
http://www.zhujicp.com/news/422.html
http://www.ynyue.com/News/xingyexinwen/3660.html
http://www.linuxidc.com/Linux/2014-05/101507.htm
http://www.wanho.net/hangye/2458.html
http://finance.takungpao.com/tech/q/2014/0504/2454551.html
http://www.chengshiw.com/tech/2014/328183.html
http://www.idcps.com/news/20140504/72515.html
http://www.safedog.cn/news.html?id=1179
http://www.myhack58.com/Article/html/3/62/2014/46433_2.htm
http://www.xianguo.com/article/a254ea6b9981093b5a91bed22991d4d8
http://yw.learnatchina.com/201405033774-view-comments-for-critical-holes-in-oauth-openid-could-leak-information-redirect-users.html#.VEz2AoV5MxA
http://weekly.securityfrontline.org/201405075475-critical-holes-in-oauth-openid-could-leak-information-redirect-users.html#.VEz2HYV5MxA
http://w3.isvoc.com/201405055707-critical-holes-in-oauth-openid-could-leak-information-redirect-users.html#.VE4KNIV5MxA
http://yw.learnatchina.com/201405033774-view-comments-for-critical-holes-in-oauth-openid-could-leak-information-redirect-users.html#.VE4K54V5MxA
http://www.gdyfs.com/news/she/20140503/050313M3262014.html
http://www.hbrc.com/rczx/shownews-5626620-14.html
http://www.douban.com/note/348973705/
http://tetraph.blog.163.com/blog/static/2346030512014471384217/
http://networksecurity.isvoc.com/201405152555-student-who-exposed-covert-redirect-deflects-findings-away-from-id-protocols.html#.VFBxpIV5MxA
http://blog.knownsec.com/2014/05/oauth_vulnerability_analysis/
http://www.ctjin.com/chuangye/touzirenjigou/2014-05-03/22200.html
http://zhan.renren.com/yunnet?gid=3602888498049839484&checked=true
http://www.myhack58.com/Article/html/3/62/2014/46954.htm
http://www.shellsec.com/tech/55733.html
http://www.xycity.cn/news/14/n-1257514.html
http://www.cnbeta.com/articles/288503.htm
http://www.csdn.net/article/2014-05-04/2819588
http://www.shangxueba.com/jingyan/2189665.html
http://www.2cto.com/Article/201405/301778.html
http://www.pubeta.com/3033.html
http://www.2cto.com/Article/201405/301778.html
http://www.techweb.com.cn/internet/2014-05-03/2032301.shtml
http://blog.knownsec.com/2014/05/oauth_vulnerability_analysis/
http://t.163.com/7758515660
http://www.weibo.com/tetraph
http://www.youxia.org/oauth-openid-login-tools-bug.html
http://v.youku.com/v_show/id_XNzA4ODI5MDY0.html
http://www.aiweibang.com/yuedu/tech/499816.html
http://essayjeans.blog.163.com/blog/static/2371730742014521103639930/
http://linux.cn/article-2962-1.html
http://media.sohu.com/20140504/n399096249.shtml
http://www.backlion.com/%E9%92%88%E5%AF%B9%E8%BF%91%E6%9C%9F%E5%8D%9A%E5%85%A8%E7%90%83%E7%9C%BC%E7%90%83%E7%9A%84oauth%E6%BC%8F%E6%B4%9E%E7%9A%84%E5%88%86%E6%9E%90%E4%B8%8E%E9%98%B2%E8%8C%83%E5%BB%BA/
http://www.xycity.cn/news/14/n-1257514.html
http://t.163.com/7758515660
http://www.kaixin001.com/repaste/index_159835659.html
http://www.tuicool.com/articles/fuaeMf
http://blog.sina.com.cn/s/blog_9c466a590101j4k4.html
http://essayjeans.blog.163.com/blog/static/237173074201493101817921/
http://tetraph.blog.163.com/blog/static/23460305120149410334290/
http://www.kankanews.com/ICkengine/archives/138987.shtml
http://img.sootoo.com/content/492302.shtml
http://it.rising.com.cn/info/2014-05-04/15575.html
http://www.tuicool.com/articles/qEzUneY
http://www.linuxidc.com/Linux/2014-05/101182.htm
http://www.linuxeden.com/html/news/20140503/151358.html
http://code.csdn.net/news/2819588
http://tieba.baidu.com/p/3030252100
http://www.52rkl.cn/anquan/06102T102014.html
http://www.m4sk.net/post/3703b3_12d3b49
http://www.1398.org/itnews/ippmrk_1.html
http://www.360doc.com/content/14/0511/09/9200790_376595021.shtml
http://www.safedog.cn/news.html?id=1179
http://tech.ifeng.com/internet/detail_2014_05/03/36130721_0.shtml?_114sobiaoqian
https://blog.instantssl.com/2014/05/covert-redirect-vulnerability/
http://tetraph.blogspot.sg/2014/05/wordpress-covert-redirect-vulnerability.html
http://newsmaine.net/19206-covert-redirect-vulnerability-discovered-oauth-20-and-openid
http://vulnerabilitypost.wordpress.com/category/covert-redirect-vulnerability/
https://benoitis.com/tag/covert-redirect/
http://blogs.mcafee.com/consumer/what-is-covert-redirect
http://threatpost.com/critical-holes-in-oauth-openid-could-leak-information-redirect-users/105876
https://krystal.co.uk/blog/2014/05/openauth-covert-redirection-vulnerability-explained/
https://www.facebook.com/jaicomputer/posts/732480143456948
http://www.csoonline.com/article/2150742/malware-cybercrime/oauth-weakness-threatens-users-of-social-media-sites.html
http://blog.sina.com.cn/s/blog_12ff797370101ewc2.html
http://www.infosecurity-magazine.com/news/bitly-compromised-users-warned-to-reset-accounts/
http://tetraph.tumblr.com/
http://whatis.techtarget.com/definition/covert-redirect
http://www.veooz.com/news/mH9R~~L.html
http://blog.kaspersky.com/facebook-openid-oauth-vulnerable/
http://www.pymnts.com/news/2014/security-flaw-in-open-source-log-in-tools-could-leave-social-media-users-at-risk/#.VFBdloV5MxA
http://redmondmag.com/articles/2014/05/02/oauth-and-openid-flaw-found.aspx
http://www.darkreading.com/authentication/oauth-openid-flaw-7-facts/d/d-id/1251127
http://www.hubberts-arms.org/computing/math-student-detects-oauth-openid-security-vulnerability/?PHPSESSID=79184ab9be7276a12ec9d85c3374d49a
https://www.qualys.com/research/sans-at-risk/2014/week-18/
http://www.sciencenewsdaily.org/internet-news/cluster560745642/
http://omgdgt.com/?p=34396
http://www.reddit.com/r/netsec/comments/24knlj/serious_security_flaw_in_oauth_openid_discovered/
http://it-beta.slashdot.org/story/14/05/02/2015227/nasty-security-flaw-in-oauth-openid
http://soylentnews.org/comments.pl?sid=1632&threshold=-1&commentsort=5&mode=nested
http://www.suvsystem.com/a/16702.aspx
http://t.qq.com/tetraph
http://cissp.com/security-news/29-thought-leadership/social-media-latest-to-feel-security-flaw-impact
https://friendica.libertypod.com/display/aliena23p/382571
http://securityrelated.blogspot.sg/2014_10_01_archive.html
http://the-hacker-news.tumblr.com/post/84623817091/nasty-covert-redirect-vulnerability-found-in-oauth-and
http://clipsin.com/view/mailru-oauth-20-covert-redirect-vulnerability/qcHmirNBT6QtMdY.html
http://tweets.seraph.me/search/OAuth%20Security
http://historimac.nerdzblog.com/Mac-mini-9g.phpHTTP/1.1%20200%20OKDate:%20Tue,%2021%20Jul%202009%2012:01:33%20GMTServer:%20Apache/1.3.37%20%28Unix%29%20mod_fastcgi/mod_fastcgi-SNAP-0404142202X-Powered-By:%20PHP/Linkedin-OAuth-2.0-Covert-Redirect-Vulnerability-_-iif6eq2cvso.html
http://www.asurekazani.com/video/1FZ6yfsp09U
http://nevarneyox.com/watch?v=0yEB58S8WBI
http://computerobsess.blogspot.sg/2014/10/odnoklassnikiru-covert-redirect.html
http://cooldotz.com/blog/google-facebook-users-face-new-security-threat-delhi-daily-news/
http://videocurso.globocaxias.com/video/GyNGBuHNoJ0/watch.html
http://www.isssource.com/security-flaw-in-oauth-2-0-openid/
http://yw.learnatchina.com/201405033774-view-comments-for-critical-holes-in-oauth-openid-could-leak-information-redirect-users.html
http://www.popbuzz.me/uk/p/3477751/
http://www.vintegris.com/en/news/openid-and-oauth-vulnerability-affects-facebook-google-and-others/_id:47/
http://www.hackbusters.com/news/stories/43931-oauth-openid-flaw-7-facts
http://www.almdares.net/vz/youtube_browser.php?do=show&vidid=6m1CoV8JTmc
http://irfansalam.wordpress.com/2014/05/10/openid-oauth-vulnerability-affects-facebook-google-and-others/
http://completosec.wordpress.com/2014/05/14/exploits-violate-oauth-2-0-and-openid-assumptions/
http://www.digitalmunition.me/?p=2459
http://www.inzeed.com/people/fengdong.html
http://www.tetraph.com/people/wangzhenen.html
http://www.tetraph.com/people/liumeilan.html
http://www.tudou.com/home/essaybeans/item
http://www.tudou.com/programs/view/lg8T2bhkZpc/
http://www.tudou.com/programs/view/Px3eEBhXjpc/
http://www.tudou.com/programs/view/3R4kJrIbr5U/
http://www.tudou.com/programs/view/XyiwT4wbQ4I/
http://www.tudou.com/programs/view/qkX60p9KHsk/
http://www.tudou.com/programs/view/6qw_vdy5yD0/
http://i.youku.com/essayjeans
http://v.youku.com/v_show/id_XODA3NDMyMDY4.html
http://v.youku.com/v_show/id_XODA3MzUxMDMy.html
http://v.youku.com/v_show/id_XODA0NTE0ODU2.html
http://v.youku.com/v_show/id_XNzIzMDU0NTc2.html
http://v.youku.com/v_show/id_XNzIzMDI4MDAw.html
http://v.youku.com/v_show/id_XNzIyOTI5MjY0.html
http://v.youku.com/v_show/id_XNzExNDY3OTI0.html
http://v.youku.com/v_show/id_XNzEwNzQ0NDY4.html
http://v.youku.com/v_show/id_XNzA4OTY2Mjg4.html
http://v.youku.com/v_show/id_XNzA4OTY2Mjg4.html
http://v.youku.com/v_show/id_XNzA4ODM1MDIw.html
http://v.youku.com/v_show/id_XNzA4ODM0OTQw.html
http://v.youku.com/v_show/id_XNzA4ODM0OTA0.html
http://v.youku.com/v_show/id_XNzA4ODI5MDY0.html
http://v.youku.com/v_show/id_XNzA4ODI4ODg0.html
http://v.youku.com/v_show/id_XNzA4ODI0NjY0.html
http://v.youku.com/v_show/id_XNzA4ODI0NTQw.html
http://i.youku.com/essaybeans
http://v.youku.com/v_show/id_XODE1MDMwNzQ4.html
http://v.youku.com/v_show/id_XODE1MDMwNzA0.html
http://v.youku.com/v_show/id_XODE1MDMwNjIw.html
http://v.youku.com/v_show/id_XODE1MDI4OTcy.html
http://www.youtube.com/user/justqdjing
http://www.youtube.com/user/essaybeans
http://www.youtube.com/watch?v=k37gpKaql6k
http://www.youtube.com/watch?v=L78blHqHVsA
http://www.youtube.com/watch?v=EtfQvsNGik0
http://www.youtube.com/watch?v=89AexKfxM5g
http://www.youtube.com/watch?v=KiNKYD9VRK8
http://www.youtube.com/watch?v=KF0_p5XdJfs
http://www.youtube.com/watch?v=HgemMetVPP4
http://www.youtube.com/watch?v=D2jvlD1-1OA
http://www.youtube.com/watch?v=0GtSV4fcE9g
http://www.youtube.com/watch?v=xi41o7W4UWQ
http://www.youtube.com/watch?v=QeFDU_LlKqs
http://www.youtube.com/user/tetraph
http://www.youtube.com/watch?v=3gNhi8h2AQY
http://www.youtube.com/watch?v=onA5BgC3zIY
http://www.youtube.com/watch?v=RekCK5tjXWQ
http://www.youtube.com/watch?v=D-X8qAO2q_I
http://www.youtube.com/watch?v=T1XW31s92qA
http://www.youtube.com/watch?v=-lxaX9xvUfE
http://www.youtube.com/watch?v=m7_NSa9CJ2A
http://www.youtube.com/watch?v=HUE8VbbwUms
http://www.youtube.com/watch?v=Y2-2Scp0pbs
Reference::
https://vulnerabilitypost.wordpress.com/
http://tetraph.wordpress.com/
http://mathfas.wordpress.com/
http://tetraph.blog.163.com/
http://essayjeans.blog.163.com/
http://blog.sina.com.cn/justqdjing
http://blog.sina.com.cn/essayjeans
http://blog.sina.com.cn/whitehatpost
http://user.qzone.qq.com/2519094351/2
http://tetraph.tumblr.com/
http://whitehatview.tumblr.com/
http://tetraph.blogspot.com/
http://computerobsess.blogspot.com/
http://essayjeans.blogspot.com/
http://essaybeans.blogspot.com/
https://www.facebook.com/essaybeans
https://www.facebook.com/essayjeans
http://www.tetraph.com/blog/
http://www.tetraph.com/security/
http://inzeed.com/blog/
http://inzeed.com/kaleidoscope/
http://diebiyi.com/blog/
http://diebiyi.com/articles/
http://covertredirect.com/blog/
http://covertredirect.com/wangjing/
http://www.inzeed.com/bowen/
http://www.ustcif.com/default.php/content/2128/
http://aga.ustc.edu.cn/news/view?id=2094
http://user.qzone.qq.com/137372921
https://www.linkedin.com/in/essayjeans
http://www.kaixin001.com/repaste/index_159835659.html
http://t.qq.com/blackswall1544?previewtgo
http://www.weibo.com/justqdjing?
http://blog.sina.com.cn/justqdjing
https://www.facebook.com/fei.yu.3323
https://plus.google.com/u/0/118367468423066098176/posts
https://plus.google.com/u/0/+JingWang-tetraph-justqdjing/posts
http://www.letv.com/ptv/vplay/20130165.html
http://blog.163.com/essayjeans
https://plus.google.com/u/0/b/113698571167401884560/113698571167401884560/posts
https://www.facebook.com/essaybeans?
http://t.qq.com/tetraph
http://www.tetraph.com/cn/wangjing https://www.facebook.com/wangjing.justqdjing https://twitter.com/justqdjing http://www.linkedin.com/in/justqdjing https://plus.google.com/u/0/+JingWang-tetraph-justqdjing/ http://www.youtube.com/user/justqdjing http://www.weibo.com/justqdjing http://i.youku.com/essayjeans
http://blog.sina.com.cn/justqdjing
https://www.facebook.com/fei.yu.3323
https://plus.google.com/u/0/118367468423066098176/posts
https://plus.google.com/u/0/+JingWang-tetraph-justqdjing/posts
http://www.letv.com/ptv/vplay/20130165.html
http://blog.163.com/essayjeans
https://plus.google.com/u/0/b/113698571167401884560/113698571167401884560/posts
http://user.qzone.qq.com/137372921
https://www.linkedin.com/in/essayjeans
http://www.kaixin001.com/repaste/index_159835659.html
http://t.qq.com/blackswall1544?previewtgo
http://www.weibo.com/justqdjing?
http://blog.sina.com.cn/justqdjing
https://www.facebook.com/fei.yu.3323
https://plus.google.com/u/0/118367468423066098176/posts
https://plus.google.com/u/0/+JingWang-tetraph-justqdjing/posts
http://www.letv.com/ptv/vplay/20130165.html
http://blog.163.com/essayjeans
https://plus.google.com/u/0/b/113698571167401884560/113698571167401884560/posts
Related links
http://essaybeans.blogspot.sg/
http://vimeo.com/tetraph
http://i.youku.com/essayjeans
http://www.youtube.com/user/tetraph
http://www.youtube.com/user/justqdjing
https://www.facebook.com/essaybeans?skip_nax_wizard=true
http://www.tetraph.com/forum/
http://www.tetraph.com/blog/
http://blog.sina.com.cn/essayjeans
http://blog.sina.com.cn/justqdjing
http://essayjeans.blog.163.com/
http://tetraph.blog.163.com/
http://tetraph.blog.163.com/blog/static/23460305120144210374933/
http://tetraph.tumblr.com/post/100080251777/covert-redirect-vulnerability-related-to-oauth-2-0-and
https://www.facebook.com/permalink.php?id=420695091405296&story_fbid=420705068070965
http://blog.sina.com.cn/s/blog_12ff797370101edm4.html
http://blog.sina.com.cn/s/blog_ecd65d410102v3jx.html
http://whitehatview.tumblr.com/post/100080520381/covert-redirect-vulnerability-related-to-oauth-2-0-and
https://vulnerabilitypost.wordpress.com/2014/10/15/covert-redirect-vulnerability-related-to-oauth-2-0-and-openid-2/
https://tetraph.wordpress.com/2014/10/15/covert-redirect-vulnerability-related-to-oauth-2-0-and-openid-3/
http://securityrelated.blogspot.sg/2014/10/covert-redirect-vulnerability-related.html
http://tetraph.blogspot.sg/2014/10/covert-redirect.html
http://essayjeans.blogspot.sg/2014/06/top-5-ways-to-prevent-wrinkles-from.html
http://essaybeans.blogspot.sg/2014/10/blog-post.html
http://mathfas.wordpress.com/2014/10/15/covert-redirect-vulnerability/
http://blog.sina.com.cn/s/blog_12ff797370102v467.html
http://blog.sina.com.cn/s/blog_ecd65d410102v4vd.html
http://blog.sina.com.cn/s/blog_9c466a590102v2hv.html
http://www.tetraph.com/blog/covert-redirect/covert-redirect-vulnerability-related-to-oauth-2-0-and-openid/
http://tetraph.blog.163.com/blog/static/23460305120149159422371/
http://essayjeans.blog.163.com/blog/static/237173074201491510534996/
http://user.qzone.qq.com/137372921
http://user.qzone.qq.com/2519094351/2
http://www.pinterest.com/pin/326018460499818774/
http://www.pinterest.com/pin/465278205227138242/
http://computerobsess.blogspot.sg/2014/10/covert-redirect-vulnerability-related.html
http://tetraph.com/security/xss-vulnerability/mozilla-mozilla-org-two-sub-domains-cross-reference-xss-vulnerability-all-urls-under-the-two-domains/
http://tetraph.com/security/cves/cve-2014-7292-newtelligence-dasblog-open-redirect-vulnerability/
https://www.facebook.com/essayjeans?
https://www.facebook.com/tetraph?
http://www.weibo.com/tetraph
https://twitter.com/justqdjing
https://twitter.com/tetraphibious
https://twitter.com/essayjeans
http://www.pinterest.com/essaybeans
http://www.pinterest.com/tetraph/
http://i.youku.com/essaybeans
http://www.weibo.com/essayjeans
http://www.weibo.com/justqdjing?
http://tetraph.blogspot.sg/
http://essayjeans.blogspot.sg/
http://essaybeans.blogspot.sg/
http://vimeo.com/tetraph
http://i.youku.com/essayjeans
http://www.youtube.com/user/tetraph
http://www.youtube.com/user/justqdjing
https://www.facebook.com/essaybeans?skip_nax_wizard=true
http://www.tetraph.com/forum/
http://www.tetraph.com/blog/
References:
1. http://it.people.com.cn/n/2014/0504/c1009-24969253.html
2. http://digi.163.com/14/0503/08/9RACJBK900162OUT.html
3 . http://tech.ifeng.com/internet/detail_2014_05/03/36130721_0.shtml
4 . http://www.cnbeta.com/articles/288503.htm
5 . http://network.pconline.com.cn/471/4713896.html
6 . http://www.hackdig.com/?05/hack-9782.htm
7 . http://www.freebuf.com/vuls/33750.html
8 . http://www.csdn.net/article/2014-05-04/2819588
9 . http://baike.baidu.com/link?url=0v9QZaGB09ePxHb70bzgWqlW-C9jieVguuDObtvJ_6WFY3h2vWnnjNDy4-jliDmqbT47SmdGS1_pZ4BbGN4Re_
10. http://www.baike.com/wiki/%E9%9A%90%E8%94%BD%E9%87%8D%E5%AE%9A%E5%90%91%E6%BC%8F%E6%B4%9E
11, http://www.cnet.com/news/serious-security-flaw-in-oauth-and-openid-discovered/
12. http://www.scmagazine.com/covert-redirect-vulnerability-impacts-oauth-20-openid/article/345407/
13, http://www.zdnet.com/student-who-exposed-covert-redirect-deflects-findings-away-from-id-protocols-7000029419/
14. http://thehackernews.com/2014/05/nasty-covert-redirect-vulnerability.html
15. http://news.yahoo.com/facebook-google-users-threatened-security-192547549.html
16. http://www.allsingaporestuff.com/article/white-hat-hackers-testing-security-computer-systems-singapore
17. http://www.channelnewsasia.com/news/singapore/vigilantes-testing/1386694.html
18. http://forums.hardwarezone.com.sg/eat-drink-man-woman-16/vigilantes-hacked-into-m1-iphone-website-4827334.html
19. http://tetraph.com/covert_redirect/oauth2_openid_covert_redirect.html
20. http://oauth.net/advisories/2014-1-covert-redirect/
21. http://openid.net/2014/05/15/covert-redirect/
22. http://oauth.jp/blog/2014/05/07/covert-redirect/
23. http://blogs.mcafee.com/consumer/what-is-covert-redirect
24. http://www.scmagazine.com/covert-redirect-vulnerability-impacts-oauth-20-openid/article/345407/
25. http://www.securityweek.com/covert-redirect-issue-oauth-openid-places-security-responsibility-wrong-place
26. http://oauth.jp/blog/2014/05/07/covert-redirect-in-implicit-flow/
27. http://www.openid.or.jp/blog/2014/05/covert-redirect-and-its-real-impact-on-oauth-and-openid-connect.html
28. http://weblog.bulknews.net/post/85008516879/covert-redirect-vulnerability-with-oauth-2
29. http://securityaffairs.co/wordpress/24585/intelligence/covert-redirect-oauth-openid.html
30. https://www.yireo.com/blog/1678-oauth-covert-redirect-vulnerability
31. http://www.net-security.org/secworld.php?id=16795
32. http://www.itbusinessedge.com/blogs/data-security/lessons-to-be-learned-from-covert-redirect.html
33. http://www.netskope.com/blog/oauth-openid-covert-redirect-vulnerability/
34. http://www.tomsguide.com/us/facebook-google-covert-redirect-flaw,news-18726.html
35. http://zeenews.india.com/tags/covert-redirect.html
36. http://www.foxnews.com/tech/2014/05/05/facebook-google-users-threatened-by-new-security-flaw/
37, http://www.ceilers-news.de/serendipity/497-Websecurity-Die-Covert-Redirect-Schwachstelle-und-OAuth-2.0-und-OpenID.html
38. http://www.reddit.com/r/technology/comments/24oe6q/nasty_covert_redirect_vulnerability_found_in/
39. https://news.ycombinator.com/item?id=7685677
40. http://canaltech.com.br/noticia/seguranca/Diferencas-entre-Covert-Redirect-e-Heartbleed/
41. https://www.idradar.com/news-stories/technology/Covert-Redirect-Software-Bug-Needs-A-Fix
42. http://www.komando.com/happening-now/251360/a-new-security-hole-lets-hackers-hijack-your-facebook-login/all
43. http://www.hardware.no/artikler/covert-redirect-svakhet-er-ingen-ny-nettkrise/159589
44. http://www.sotostips.gr/2014/05/provlima-covert-redirect.html
45. http://www.darkreading.com/security-flaw-found-in-oauth-20-and-openid-third-party-authentication-at-risk/d/d-id/1235062
46. http://twit.tv/show/tech-news-2night/79
47. http://www.baomoi.com/Bkav-Lo-hong-Covert-Redirect-khong-nguy-hiem-bang-trai-tim-ri-mau/76/13729018.epi
48. http://www.darraghduffy.ie/covert-redirect-openid-oauth/
49. http://conectica.com.mx/2014/05/02/covert-redirect-vulnerabilidad-en-oauth-y-openid-similar-heartbleed/
50. http://blog.infinity-solutions.jp/2014/05/06/the-next-heartbleed-bug-covert-redirect-flaw/
51. … …
http://blog.infinity-solutions.jp/2014/05/06/the-next-heartbleed-bug-covert-redirect-flaw/
http://www.appps.jp/88572/
http://scan.netsecurity.ne.jp/article/2014/05/08/34126.html
http://blog.kaspersky.co.jp/facebook-openid-oauth-vulnerable/3558/
http://newvo.jp/408699/OAuth2.0%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%28!?%29%22CovertRedirect%22%E3%81%A8%E3%81%AF-OAuth.jp
http://sp05rdcy.jugem.jp/?eid=1934
http://www.megafm.com.br/noticia/falha-de-seguranca-afetam-logins-de-facebook
http://www.opinionesdispersas.net/2014/05/otra-brecha-seguridad.html
http://www.it.co.kr/common/mediaitPrint.php?nSeq=2628799&nBoardSeq=60
http://xakep.ru/62448/
http://blog.kaspersky.fr/des-vulnerabilites-pour-les-boutons-types-sidentifier-avec-facebook/2984/
http://www.blogtogo.de/sicherheitsluecke-in-oauth-2-0-und-openid-gefunden/
http://www.baboo.com.br/seguranca/covert-redirect-o-novo-heartbleed/
http://www.tomsguide.com/us/xss-flaw-ny-times,news-19784.html
http://www.tetraph.com/blog/xss-vulnerability/new-york-times-nytimes-com-page-design-xss-vulnerability-almost-all-article-pages-are-affected/
http://www.hotforsecurity.com/blog/cross-site-scripting-xss-vulnerability-in-new-york-times-articles-before-2013-10555.html
http://news.softpedia.com/news/XSS-Risk-Found-In-Links-to-New-York-Times-Articles-Prior-to-2013-462334.shtml
http://itsecuritynews.info/2014/10/16/cross-site-scripting-xss-vulnerability-in-new-york-times-articles-before-2013/
https://www.youtube.com/watch?v=RekCK5tjXWQ
http://infopunk.org/main/blog/2014/10/16/cross-site-scripting-xss-vulnerability-in-new-york-times-articles-before-2013/
http://worldnew.org/xss-flaw-may-exist-in-the-old-new-york-times-article-pages.html
https://twitter.com/justqdjing
http://securitynewswire.com/securitynews2012/article.php?title=XSS_Risk_Found_in_Links_to_New_York_Times_Articles_Prior_to_2013
http://sec.jetlib.com/Full_Disclosure/2014/10/15/Advisory_01_2014:_Drupal7_-_pre_Auth_SQL_InjectionVulnerability
https://www.marshut.net/kqipvz/new-york-times-nytimes-com-page-design-xss-vulnerability-almost-all-article-pages-before-2013-are-affected.html
http://news.silobreaker.com/jing-wang-11_3420080
http://www.tudou.com/programs/view/qkX60p9KHsk/
http://www.outofspecs.gr/tech-news/18408-xss-%CE%BA%CE%AF%CE%BD%CE%B4%CF%85%CE%BD%CE%BF%CE%B9-%CE%B5%CE%BD%CF%84%CE%BF%CF%80%CE%AF%CF%83%CF%84%CE%B7%CE%BA%CE%B1%CE%BD-%CF%83%CE%B5-%CF%83%CF%85%CE%BD%CE%B4%CE%AD%CF%83%CE%BC%CE%BF%CF%85%CF%82-%CF%83%CF%84%CE%BF-new-york-times-%CF%83%CE%B5-%CE%AC%CF%81%CE%B8%CF%81%CE%B1-%CF%80%CF%81%CE%B9%CE%BD-%CF%84%CE%BF-2013.html
http://tilegrafos.gr/XSS-kindunoi-entopistikan-se-sundesmous-sto-New-York-Times-se-arthra-prin-to-2013.html
http://essayjeans.blog.163.com/blog/static/237173074201491510534996/
http://telezkope.com/Technology/Programming/3321242/cross-site-scripting-xss-vulnerability-in-new-york-times-articles-before-2013
http://www.hotforsecurity.com/blog/cross-site-scripting-vulnerability-in-mozillas-cross-reference-sub-domains-10607.html
http://www.tetraph.com/blog/xss-vulnerability/mozilla-mozilla-org-two-sub-domains-cross-reference-xss-vulnerability-all-urls-under-the-two-domains/
https://www.xssposed.org/incidents/domain/lxr.mozilla.org/
https://www.youtube.com/watch?v=onA5BgC3zIY
http://itsecuritynews.info/2014/10/20/cross-site-scripting-vulnerability-in-mozillas-cross-reference-sub-domains/
https://twitter.com/justqdjing
http://news.softpedia.com/news/XSS-Risk-Found-In-Links-to-New-York-Times-Articles-Prior-to-2013-462334.shtml
https://brica.de/alerts/alert/public/791810/cross-site-scripting-xss-vulnerability-in-new-york-times-articles-before-2013/
https://twitter.com/essayjeans
http://infopunk.org/main/blog/2014/10/20/cross-site-scripting-vulnerability-in-mozillas-cross-reference-sub-domains/
http://www.pinterest.com/pin/326018460499818774/
http://www.csoonline.com/article/2136232/application-security/open-redirect-on-yahoo.html
http://sec.jetlib.com/Full_Disclosure/2014/10/19/Mozilla_mozilla.org_Two_Sub-Domains_%28_Cross_Reference%29_XSS_Vulnerability_%28_All_URLs_Under_the_Two_Domains%29
http://t.qq.com/blackswall1544?preview
http://www.securityfocus.com/bid/70603
http://www.scip.ch/en/?vuldb.68036
http://cxsecurity.com/cvepokaz/CVE-2014-2230
http://news.silobreaker.com/cve20142230--openx-open-redirect-vulnerability-5_2268301705772793856
http://www.tetraph.com/blog/cves/cve-2014-2230-openx-open-redirect-vulnerability-2/
http://seclists.org/fulldisclosure/2014/Oct/72
http://www.osvdb.org/creditees/12822-wang-jing
http://infopunk.org/main/blog/2014/10/16/cve-2014-2230-openx-open-redirect-vulnerability/
http://cve.scap.org.cn/CVE-2014-2230.html
http://www.osvdb.org/show/osvdb/113408
http://www.osvdb.org/show/osvdb/113409
http://www.osvdb.org/show/osvdb/106567
http://www.scip.ch/en/?vuldb.13185
http://www.securityfocus.com/bid/70654
http://cxsecurity.com/cveshow/CVE-2014-7292/
http://www.osvdb.org/show/osvdb/113580
http://www.osvdb.org/show/osvdb/106567
http://securitynewswire.com/securitynews2012/article.php?title=CVE20147292_Newtelligence_dasBlog_Open_Redirect_Vulnerability
http://sec.jetlib.com/Full_Disclosure/2014/10/19/CVE-2014-7292_Newtelligence_dasBlog_Open_Redirect_Vulnerability
http://www.venustech.com.cn/NewsInfo/124/30608.Html
http://www.osvdb.org/creditees/12822-wang-jing
http://www.scip.ch/en/?vuldb.13185
http://www.tetraph.com/blog/cves/cve-2014-7292-newtelligence-dasblog-open-redirect-vulnerability/
http://infopunk.org/main/blog/2014/10/20/cve-2014-7292-newtelligence-dasblog-open-redirect-vulnerability/
http://cve.scap.org.cn/CVE-2014-7292.html
http://blog.livedoor.jp/dvw_j/archives/41487850.html
http://essayjeans.blog.163.com/blog/static/237173074201493133220507/
http://computerobsess.blogspot.sg/2014/10/id-oauth.html
https://www.youtube.com/watch?v=HUE8VbbwUms
http://blog.sina.com.cn/s/blog_12ff797370102v5ao.html
http://securityrelated.blogspot.sg/2014/10/sicherheitslucke-in-oauth-20-und-openid.html
http://securityrelated.blogspot.sg/2014/10/openid-oauth-20.html
http://www.tetraph.com/blog/essaybeans/%E8%87%AA%E5%B7%B1%E5%96%9C%E6%AC%A2%E7%9A%84%E5%8F%A4%E4%BB%A3%E7%88%B1%E6%83%85%E8%AF%97-%E5%94%AF%E7%BE%8E%E5%8F%A4%E8%AF%97/
https://www.youtube.com/watch?v=KiNKYD9VRK8
http://vulnerabilitypost.wordpress.com/category/computer-vulnerability/
http://tetraph.wordpress.com/2014/10/31/%E7%94%9F%E6%B4%BB%E5%8F%AA%E6%9C%89%E5%9C%A8%E5%B9%B3%E6%B7%A1%E6%97%A0%E5%91%B3%E7%9A%84%E4%BA%BA%E7%9C%8B%E6%9D%A5%E6%89%8D%E6%98%AF%E7%A9%BA%E8%99%9A%E8%80%8C%E5%B9%B3%E6%B7%A1%E6%97%A0%E5%91%B3/
http://www.tudou.com/programs/view/6qw_vdy5yD0
http://securityrelated.blogspot.sg/2014/10/openid-oauth-20.html
http://essayjeans.blog.163.com/blog/static/237173074201493194049763/
http://v.youku.com/v_show/id_XNzExNDY3OTI0.html
http://blog.sina.com.cn/s/blog_ecd65d410102v6in.html
http://tetraph.blogspot.sg/2014/10/des-vulnerabilites-pour-les-boutons.html
http://whitehatview.tumblr.com/post/101411985996
http://securityrelated.blogspot.sg/2014/10/des-vulnerabilites-pour-les-boutons.html
http://tetraph.com/security/covert-redirect/covert-redirect-vulnerability-related-to-oauth-2-0-and-openid-2/
http://essayjeans.blogspot.sg/2014/10/butterfly-motto-sentences-related-to.html
http://essaybeans.blogspot.sg/2014/10/p-o-e-m-s-look-far-and-beyond-games.html
http://user.qzone.qq.com/2519094351/blog/1414740657
http://www.tetraph.com/security/covert-redirect/%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82-%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA-%D0%BD%D0%B0%D1%88%D1%91%D0%BB-%D1%83%D1%8F%D0%B7%D0%B2%D0%B8%D0%BC%D0%BE%D1%81%D1%82%D1%8C-%D0%B2-ope/
http://www.tetraph.com/blog/covert-redirect/372/
http://mathfas.wordpress.com/2014/10/31/the-book-of-songs-bei-feng-drum/
http://blog.sina.com.cn/s/blog_12ff797370102v5at.html
http://www.pinterest.com/pin/465278205227138203/
http://tetraph.tumblr.com/post/101419755007/the-book-of-songs-bei-feng-drum
http://tetraph.blog.163.com/blog/static/2346030512014931102629791/
http://www.pinterest.com/pin/465278205227138242/
http://blog.sina.com.cn/s/blog_12ff797370102v5au.html
http://user.qzone.qq.com/2519094351/blog/1414744839
http://www.pinterest.com/pin/326018460499818774/
http://www.inzeed.com/kaleidoscope/covert-redirect/otra-brecha-de-seguridad-amenaza-parte-de-internet/
http://www.diebiyi.com/articles/covert-redirect/falha-de-seguranca-afetam-logins-de-facebook/
http://www.tetraph.com/security/covert-redirect/%ED%95%98%ED%8A%B8%EB%B8%94%EB%A6%AC%EB%93%9C-%EC%9D%B4%EC%96%B4-%EC%98%A4%ED%94%88id%EC%99%80-%EC%98%A4%EC%93%B0oauth%EC%84%9C%EB%8F%84-%EC%8B%AC%EA%B0%81/
http://www.inzeed.com/kaleidoscope/covert-redirect/des-vulnerabilites-pour-les-boutons-types-sidentifier-avec-facebook/
http://www.diebyi.com/articles/covert-redirect/sicherheitslucke-in-oauth-2-0-und-openid-gefunden/