I Found a Boring Frontend Key. It Turned Into OAuth Token Forgery.
A writeup on how a browser-exposed key led to refresh-token state writes, bearer-token minting, and protected MCP tool access.
Security notes, field reports, and writeups.