🚨 OAuth Account Takeover PoC
Authorized Bug Bounty Research
Researcher: lucasfutures (HackerOne)
Target: Anthropic + third-party MCP OAuth servers
Demonstrates: Insecure Dynamic Client Registration (DCR) accepts an arbitrary redirect_uri, leading to OAuth authorization code theft
Captured OAuth Response:
Full URL:
Headers: