Practical attacks on Login CSRF in OAuth. Issue 121 (October 2022)