Dark C0d3rs
HackerOne Disclosed Reports - 2025-12-16 - Printable Version

HackerOne disclosed reports - 2025-12-16 - hashXploiter - 12-17-2025

Severity: Low | State: resolved

Second-Order XSS via javascript protocol in MCP Server Portal Apps leads to ATO


Bug reported by Nishant was disclosed on December 16, 2025, 9:47 am | Cross-site Scripting (XSS) - Stored

The vulnerability in the MCP Server Portal Apps was caused by missing sanitization of the redirect_uri parameter, leading to a second-order XSS vulnerability. An attacker could craft a malicious redirect_uri containing JavaScript code, obtain a client_id for this URI, and reuse it when a victim had an active session on the /authorize endpoint to execute arbitrary JavaScript.
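The report above boils down to a stored redirect_uri that was never checked for its scheme and was later echoed into a page where a logged-in user could trigger it. The following is an added example of how a defender would close both ends of that path; it is not code from the affected portal, from HackerOne, or from the reporter. The registry dictionary, the client_id values, the https-only policy, and the function names are all assumptions made for the example; only the idea (reject non-https schemes at registration, require an exact match against registered URIs at /authorize, and escape anything rendered) comes from the report.

```python
"""
Defender-side handling of an OAuth-style redirect_uri, written as an added
example for the report above (not the portal's or the reporter's code).
Assumptions (not from the report): clients register their redirect URIs up
front, and the /authorize endpoint looks them up by client_id.
"""
import html
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample registry: client_id -> set of registered redirect URIs.
REGISTERED_CLIENTS = {
    "client-demo": {"https://app.example.com/callback"},
}

# Only absolute https URLs are acceptable redirect targets.
ALLOWED_SCHEMES = {"https"}


def is_safe_redirect_uri(uri: str) -> bool:
    """Scheme allow-list check applied when a client registers a redirect_uri.

    Rejects javascript:, data:, vbscript: and anything that is not an absolute
    https URL, so a script-bearing value never reaches storage in the first place.
    """
    if not isinstance(uri, str) or not uri or len(uri) > 2048:
        return False
    # Control characters, whitespace and DEL are used to confuse scheme parsers.
    if any(ord(ch) <= 0x20 or ord(ch) == 0x7F for ch in uri):
        return False
    parts = urlsplit(uri)
    # urlsplit lower-cases the scheme, so "JavaScript:" is caught as well.
    if parts.scheme not in ALLOWED_SCHEMES:
        return False
    if not parts.netloc:
        return False
    if parts.fragment:
        return False  # RFC 6749 section 3.1.2 forbids fragments in redirect URIs
    return True


def register_client(client_id: str, redirect_uri: str) -> bool:
    """Store the redirect_uri only if it passes the allow-list check."""
    if not is_safe_redirect_uri(redirect_uri):
        return False
    REGISTERED_CLIENTS.setdefault(client_id, set()).add(redirect_uri)
    return True


def resolve_redirect_uri(client_id: str, requested: Optional[str]) -> Optional[str]:
    """Second-line check at /authorize: exact match against stored URIs.

    Even if a bad value slipped into storage, the requested redirect_uri must
    match a registered one exactly (no prefix or substring matching) and must
    still pass the scheme check at use time.
    """
    registered = REGISTERED_CLIENTS.get(client_id, set())
    if requested is None:
        # Omitted redirect_uri is only acceptable when exactly one is registered.
        return next(iter(registered)) if len(registered) == 1 else None
    if requested in registered and is_safe_redirect_uri(requested):
        return requested
    return None


def render_consent_link(client_id: str, requested: Optional[str]) -> str:
    """Render the continue link on the consent page.

    Nothing is emitted unless the URI resolved, and whatever is emitted is
    attribute-escaped, so the value never reaches the DOM as live markup.
    """
    uri = resolve_redirect_uri(client_id, requested)
    if uri is None:
        return '<p class="error">invalid redirect_uri</p>'
    return f'<a href="{html.escape(uri, quote=True)}">Continue</a>'
```

The two checks are deliberately redundant: the registration-time filter stops the value from being stored, and the exact-match lookup at /authorize means that even a value that was stored by some other path is never used unless it is both registered and still scheme-safe. The escaping in the renderer is the third layer and is cheap enough to apply unconditionally.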