A team from API security firm Salt Security's Salt Labs discovered the flaw, tracked as CVE-2023-28131, in the OAuth implementation in Expo, an open source framework for developing native mobile ...