2026-02-13 01:46:48
cloudflare
PUBLISHED
Summary
A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the AI Playground's OAuth callback handler. The `error_description` query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the context of the victim's session.

Root cause
The OAuth callback handler in `site/ai-playground/src/server.ts` directly interpolated the `authError` value, sourced from the `error_description` query parameter, into an inline `
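
Added example, not code from the advisory or the project: the interpolation pattern described under Root cause beside a hardened serializer, in TypeScript. The function names, the window.authError assignment and the sample value are assumptions made for illustration.

```typescript
// Added example; every name here is hypothetical, not taken from server.ts.

// Pattern described in the advisory: the query-parameter value is pasted
// straight into a JavaScript string literal inside an inline script element.
function renderCallbackVulnerable(authError: string): string {
  return `<script>window.authError = "${authError}";</script>`;
}

// Characters the HTML parser acts on inside script data ("<", ">", "&"),
// plus the two line separators that older JS engines reject in literals.
const SCRIPT_UNSAFE = /[<>&\u2028\u2029]/g;

// JSON.stringify quotes the value and escapes '"' and '\'; the second pass
// rewrites the remaining characters as \uXXXX escapes, so the output is
// still valid JSON/JS but contains nothing that can close the element.
function serializeForInlineScript(value: string): string {
  return JSON.stringify(value).replace(
    SCRIPT_UNSAFE,
    (ch: string): string =>
      "\\u" + ("0000" + ch.charCodeAt(0).toString(16)).slice(-4)
  );
}

// Hardened form: the serializer supplies the quotes and all escaping.
function renderCallbackHardened(authError: string): string {
  return `<script>window.authError = ${serializeForInlineScript(authError)};</script>`;
}

// Constructed sample value for the error_description parameter.
const SAMPLE: string = 'denied"; </script><!-- x';

// Number of script end tags the HTML parser would see in a rendered page.
function countScriptEndTags(html: string): number {
  return html.split("</script>").length - 1;
}
```

With the constructed sample, the vulnerable renderer emits two script end tags (the value closes the element early), while the hardened one emits only its own and the value still parses back to the original string.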