OAuth Dynamic Client Registration Permissive Metadata Field
Description

OAuth 2.0 Dynamic Client Registration (RFC 7591) lets a client submit metadata such as 'client_name' and 'website_uri' when it registers with an authorization server. When the server accepts permissive values for these fields, such as URIs starting with javascript://, and later renders them (typically on the consent page that shows the user which client is requesting access), anyone who views that page is exposed to Cross-Site Scripting (XSS). Because RFC 7591 registration endpoints are often open, the attacker needs no prior relationship with the server: they register a client carrying malicious metadata and lure a victim to the authorization URL for the resulting client_id. Dynamic Client Registration is very common in the context of Model Context Protocol (MCP) servers, whose authorization flow relies on it so that agents can register with servers they have never seen before, which allows attackers to target AI developers.
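The following is an added example written for this entry, not code from the advisory, the MCP specification or any particular OAuth server. It shows the two controls a registration endpoint needs: a scheme allow-list on every URI-valued metadata field at registration time, and HTML escaping when the stored values are rendered. 'website_uri' from the advisory text is treated here as a URI field alongside the RFC 7591 names (client_uri, logo_uri, tos_uri, policy_uri); that grouping, the https-only policy and the 100-character name limit are this example's assumptions, not requirements from the advisory. The sample inputs are constructed.

```python
"""Hardening an OAuth 2.0 Dynamic Client Registration (RFC 7591) endpoint
against XSS carried in client metadata.

Added example for this advisory entry; not code from the advisory, the MCP
specification or any OAuth server. 'website_uri' is taken from the advisory
text; the other URI field names are the RFC 7591 names (assumption: all of
them end up rendered on a consent page).
"""
import html
import unicodedata
from typing import Optional
from urllib.parse import urlsplit

# URI-valued metadata that a consent page typically renders as a link or <img>.
URI_FIELDS = ("client_uri", "website_uri", "logo_uri", "tos_uri", "policy_uri")
ALLOWED_SCHEMES = frozenset({"https"})   # policy choice: http://localhost excluded
MAX_NAME_LEN = 100                        # policy choice for this example


def _has_control_chars(s: str) -> bool:
    # Browsers strip ASCII tab/newline inside a URL before parsing, so
    # 'java\tscript:' still executes even though no URL parser recognises the
    # scheme as written. Refuse any C0/C1 control character or DEL outright.
    return any(unicodedata.category(c) == "Cc" for c in s)


def uri_error(field: str, value) -> Optional[str]:
    """Return a reason the URI must be rejected, or None if it is acceptable."""
    if not isinstance(value, str):
        return f"{field}: must be a string"
    if _has_control_chars(value):
        return f"{field}: control characters are not allowed"
    parts = urlsplit(value)          # urlsplit lower-cases the scheme for us
    if parts.scheme not in ALLOWED_SCHEMES:
        return f"{field}: scheme {parts.scheme or '(none)'!r} is not https"
    if not parts.netloc or "@" in parts.netloc:
        # No host (e.g. 'https:evil') or userinfo that could spoof the displayed host.
        return f"{field}: missing host or userinfo in authority"
    return None


def name_error(value) -> Optional[str]:
    """client_name is free text; reject only what cannot be escaped safely."""
    if not isinstance(value, str) or not value.strip():
        return "client_name: must be a non-empty string"
    if len(value) > MAX_NAME_LEN:
        return f"client_name: longer than {MAX_NAME_LEN} characters"
    if _has_control_chars(value):
        return "client_name: control characters are not allowed"
    return None   # markup in the name is harmless as long as output is escaped


def registration_errors(request: dict) -> list:
    """Validate a registration request body; an empty list means accept.

    A non-empty list maps to RFC 7591's 400 'invalid_client_metadata' error.
    """
    errors = []
    if "client_name" in request:
        err = name_error(request["client_name"])
        if err:
            errors.append(err)
    for field in URI_FIELDS:
        if field in request:
            err = uri_error(field, request[field])
            if err:
                errors.append(err)
    return errors


def render_consent_vulnerable(meta: dict) -> str:
    """The pattern the advisory describes: stored metadata interpolated as-is.

    A javascript: client_uri becomes a clickable payload; markup in
    client_name is injected into the page.
    """
    return f'<a href="{meta["client_uri"]}">{meta["client_name"]}</a>'


def render_consent_hardened(meta: dict) -> str:
    """Validate (scheme allow-list) first, then HTML-escape on output."""
    errors = registration_errors(meta)
    if errors:
        raise ValueError("; ".join(errors))
    return '<a href="{}" rel="noopener noreferrer">{}</a>'.format(
        html.escape(meta["client_uri"], quote=True),
        html.escape(meta["client_name"], quote=True),
    )
```

Validation at registration and escaping at render time are both needed: escaping alone does not stop a javascript: URI from executing when the link is clicked, and the scheme check alone does not stop markup smuggled through client_name. Rejecting control characters before parsing matters because the browser, not the server's URL parser, decides how an obfuscated scheme is interpreted.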