## Apprentice Level
- ✅ [[1. Authentication bypass via OAuth implicit flow]]
## Practitioner Level
- ✅ [[2. SSRF via OpenID dynamic client registration]]
- ✅ [[3. Forced OAuth profile linking]]
- ✅ [[4. OAuth account hijacking via redirect_uri]]
- ✅ [[5. File path traversal, validation of start of path]]
- ✅ [[6. File path traversal, validation of file extension with null byte bypass]]