Salt Security discovered the vulnerabilities in implementations of the OAuth protocol