Stop the presses.
Forbes – A blog post from Imperva filed under “Research” makes the breathless claim that the author was able to impersonate someone else and execute a cross-site scripting phishing scam by exploiting flaws in the Auth0 identity-as-a-service platform.