Cloudflare Public Bug Bounty: Second-Order XSS via javascript protocol in MCP Server Portal Apps leads to ATO

The vulnerability in the MCP Server Portal Apps was caused by missing sanitization of the redirecturi parameter, leading to a second-order XSS vulnerability. An attacker could craft a malicious redirecturi containing JavaScript code, obtain a clientid for this URI, and reuse it when a victim had ...