3 matches found
CVE-2025-4143
The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirecturi was on the allowed list of redirect URIs for the given client registration. Fixed in: ...
CVE-2025-4143
creationtimestamp| type| source ---|---|--- 2025-05-01 01:13:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14210 2025-05-01 01:56:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo37f5g75v2e 2025-05-01 04:48:02+00:00| seen|...
CVE-2025-4143 Missing validation of redirect_uri on authorize endpoint
The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly validate that redirecturi was on the allowed list of redirect URIs for the given client registration. Fixed in: ...