{"data":{"id":"03862a73-8e60-46df-8595-0d28316563c3","title":"GHSA-w5cr-2qhr-jqc5: Cloudflare Agents has a Reflected Cross-Site Scripting (XSS) vulnerability in AI Playground site","summary":"A Reflected XSS vulnerability (reflected XSS, where malicious code is injected through a URL parameter and executed in a user's browser) was found in Cloudflare Agents' AI Playground OAuth callback handler. An attacker could craft a malicious link that, when clicked, steals user chat history, LLM interactions, and could control connected MCP Servers (tools that extend what an AI can do) on behalf of the victim.","solution":"Agents-sdk users should upgrade to agents@0.3.10. Developers using configureOAuthCallback with custom error handling should ensure all user-controlled input is escaped (converted to safe text that won't be interpreted as code) before being inserted into HTML. See PR: https://github.com/cloudflare/agents/pull/841","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-w5cr-2qhr-jqc5","publishedAt":"2026-02-13T21:04:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":["agents@< 0.3.10 (fixed: 0.3.10)"],"affectedVendors":[],"affectedVendorsRaw":["Cloudflare Agents","Cloudflare AI Playground"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}