CVE-2026-1721

CVE-2026-1721

Summary A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the AI Playground's OAuth callback handler. The `error_description` query parameter was directly interpolated into an HTML script tag without proper escaping…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (28.9th percentile) — read the EPSS interpretation.

Weakness classification (CWE)

References