Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site
Vulnerability Description
Summary A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the AI Playground's OAuth callback handler. The `error_description` query parameter was directly interpolated into an HTML script tag without proper escaping, allowing attackers to execute arbitrary JavaScript in the context of the victim's session. Root cause The OAuth callback handler in `site/ai-playground/src/server.ts` directly interpolated the `authError` value, sourced from the `error_description` query parameter, into an inline `<script>` tag. Impact An attacker could craft a malicious link that, when clicked by a victim, would: * Steal user chat message history - Access all LLM interactions stored in the user's session. * Access connected MCP Servers - Interact with any MCP servers connected to the victim's session (public or authenticated/private), potentially allowing the attacker to perform actions on the victim's behalf Mitigation: * PR: https://github.com/cloudflare/agents/pull/841 https://github.com/cloudflare/agents/pull/841 * Agents-sdk users should upgrade to agents@0.3.10 * Developers using configureOAuthCallback with custom error handling in their own applications should ensure all user-controlled input is escaped before interpolation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cloudflare Agents 安全漏洞
Vulnerability Description
Cloudflare Agents是Cloudflare开源的一个在Cloudflare上构建和部署AI代理的工具。 Cloudflare Agents存在安全漏洞,该漏洞源于AI Playground的OAuth回调处理程序未对error_description查询参数进行适当转义,可能导致反射型跨站脚本攻击,从而窃取用户聊天记录或访问连接的MCP服务器。
CVSS Information
N/A
Vulnerability Type
N/A