
Scope elevation attacks via parameter manipulation

Severity: 7/10 (High)

A client application, or an attacker holding a user's token, can tamper with the scope parameter sent to the OAuth 2.0 token endpoint (when exchanging an authorization code or refreshing a token) to request broader permissions than the user originally consented to. If the authorization server honours the requested scope instead of the scope bound to the grant, the resulting access token grants access to user data beyond the original authorization. The fix is server-side: bind scope to the authorization code and refresh token, reject (or at most narrow) any scope supplied in the exchange, and have resource servers authorize from the scope recorded for the token rather than from a scope parameter the caller sends.
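The check described above, as an added example that is not code from the original page or from any particular OAuth library. It models a minimal authorization server with opaque, server-side tokens; the names (AuthServer, Grant, parse_scope, SCOPE_TO_CLAIMS) and the scope-to-claims policy are assumptions made for the illustration. The vulnerable token endpoint honours a scope sent with the code exchange; the hardened one rejects it, lets a refresh only narrow scope (RFC 6749 section 6), and the /userinfo handler ignores any scope the caller supplies.

```python
# Added example, not code from the original page. Hypothetical names throughout;
# tokens are opaque random strings looked up server-side.
import secrets
from dataclasses import dataclass

# Constructed sample policy: which claims each scope unlocks at /userinfo.
SCOPE_TO_CLAIMS = {"openid": ("sub",), "profile": ("name",), "email": ("email",)}


@dataclass(frozen=True)
class Grant:
    client_id: str
    user: str
    scope: frozenset  # the scope the resource owner actually consented to


def parse_scope(s):
    """Space-delimited scope string -> set; None/empty -> empty set."""
    return frozenset(s.split()) if s else frozenset()


class AuthServer:
    def __init__(self):
        self.codes = {}           # authorization code -> Grant (single use)
        self.refresh_tokens = {}  # refresh token -> Grant (original scope)
        self.access_tokens = {}   # access token -> Grant (effective scope)

    def authorize(self, client_id, user, consented_scope):
        """Authorization endpoint: records what the user consented to."""
        code = secrets.token_urlsafe(16)
        self.codes[code] = Grant(client_id, user, parse_scope(consented_scope))
        return code

    def _issue(self, grant, access_scope=None):
        access_scope = grant.scope if access_scope is None else access_scope
        access, refresh = secrets.token_urlsafe(24), secrets.token_urlsafe(24)
        self.access_tokens[access] = Grant(grant.client_id, grant.user, access_scope)
        self.refresh_tokens[refresh] = grant  # refresh token keeps the original grant
        return {"access_token": access, "refresh_token": refresh,
                "scope": " ".join(sorted(access_scope))}

    def exchange_code_vulnerable(self, code, client_id, scope=None):
        """Token endpoint as the page describes it: trusts a client-supplied
        scope over the scope bound to the code, so 'openid' becomes 'openid email'."""
        grant = self.codes.pop(code, None)
        if grant is None or grant.client_id != client_id:
            return {"error": "invalid_grant"}
        effective = parse_scope(scope) if scope else grant.scope  # BUG: scope elevation
        return self._issue(grant, effective)

    def exchange_code(self, code, client_id, scope=None):
        """Hardened: RFC 6749 4.1.3 defines no scope parameter for the code
        exchange, so any value that differs from the consented scope is rejected.
        The code is consumed either way, so a tampered request burns it."""
        grant = self.codes.pop(code, None)
        if grant is None or grant.client_id != client_id:
            return {"error": "invalid_grant"}
        if scope is not None and parse_scope(scope) != grant.scope:
            return {"error": "invalid_scope"}
        return self._issue(grant)

    def refresh(self, refresh_token, client_id, scope=None):
        """Hardened refresh: the client may narrow scope but never add to what
        was originally granted (RFC 6749 section 6)."""
        grant = self.refresh_tokens.get(refresh_token)
        if grant is None or grant.client_id != client_id:
            return {"error": "invalid_grant"}
        effective = grant.scope
        if scope is not None:
            requested = parse_scope(scope)
            if not requested or not requested <= grant.scope:
                return {"error": "invalid_scope"}
            effective = requested
        return self._issue(grant, effective)

    def userinfo(self, access_token, scope=None):
        """Resource server (/userinfo): authorization comes only from the scope
        bound to the token; a scope parameter sent by the caller is ignored."""
        grant = self.access_tokens.get(access_token)
        if grant is None:
            return {"error": "invalid_token"}
        claims = {}
        for s in grant.scope:
            for claim in SCOPE_TO_CLAIMS.get(s, ()):
                claims[claim] = f"{claim}-of-{grant.user}"
        return claims


if __name__ == "__main__":
    srv = AuthServer()
    code = srv.authorize("app", "alice", "openid")
    print("vulnerable:", srv.exchange_code_vulnerable(code, "app", scope="openid email")["scope"])
    code = srv.authorize("app", "alice", "openid")
    print("hardened:", srv.exchange_code(code, "app", scope="openid email"))
```

The key design point is that scope is a property of the grant the user consented to, stored on the server and looked up by token, never a property of the request that redeems the grant. The same rule applies on the resource-server side: the userinfo handler derives the allowed claims from what it finds for the presented token and has no reason to read a scope parameter at all.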

Category: security
Workaround: solid
Stage: build
Freshness: persistent
Scope: framework
Upstream: open
Recurring: Yes
Buyer Type: team
Maintainer: active

Sources

Collection History

Query: "What are the most common pain points with OAuth 2.0 for developers in 2025?" (3/31/2026)

A malicious client application could exploit a user token to access more information than it is authorised to, by modifying the scope parameter when exchanging with the OAuth server...An attacker could intercept a user's token and contact the /userinfo endpoint of the OAuth server, while modifying the scope.

Created: 3/31/2026
Updated: 3/31/2026