Security audit report documenting an OAuth privilege-escalation vulnerability in Cloudflare Workers
What it does
This endpoint on the Every Good Work Codex platform purports to host a security audit or red-team report describing how a security fix inadvertently introduced a privilege-escalation vulnerability. Specifically, an empty subject field on a pre-seeded public OAuth client allowed any authenticated user to mint tokens for any wallet address. The report covers the live exploit proof and the remediation path.
The Every Good Work platform (codex.everygoodwork.io) is a content marketplace where creators connect Ethereum wallets, upload content, and receive 100% of sales revenue directly to their wallet. The platform uses prepaid credits for hosting infrastructure. Content is gated and appears to be intended for sale via crypto-payment protocols.
However, during probing this specific endpoint did not return a 402 x402 payment challenge. A POST request returned 403 Forbidden and a GET returned 401 Unauthorized, suggesting the endpoint requires authentication but is not currently operating as a standard x402 paywall. No OpenAPI schema, AI plugin manifest, or documentation pages were found. The endpoint's actual availability for agent purchase is uncertain.
Capabilities
Use cases
- Reviewing a documented OAuth privilege-escalation exploit and its remediation
- Understanding empty-subject OAuth attack vectors in Cloudflare Workers environments
- Red-team reference material for authentication system audits
Fit
Best for
- Security researchers studying OAuth implementation flaws
- Developers hardening Cloudflare Workers authentication
- Red-team practitioners looking for real-world exploit case studies
Not for
- Automated API consumption: the endpoint does not return a standard x402 challenge
- General-purpose content hosting or file storage
Quick start
# Endpoint did not return a 402 x402 challenge during probing.
# POST returned 403; GET returned 401.
# Standard x402 payment flow may not be available.
curl -X GET https://codex.everygoodwork.io/0x1C1Ee78b938Af5333D3a99BF659e9aa771d8A8D5/oauth-empty-subject-privilege-escalation-bypass-cloudflare-workers-red-team-fix
Quality
The endpoint did not return a 402 x402 payment challenge on either POST or GET (403 and 401 respectively), so it cannot be confirmed as a live x402 endpoint. No OpenAPI schema, documentation, pricing, or example responses were found. The listing is effectively a stub based solely on the existing title and description.
Warnings
- Endpoint did not return HTTP 402 on POST (got 403) or GET (got 401); the x402 payment protocol is not confirmed active
- No OpenAPI schema or API documentation found at the origin
- No pricing or payment details could be determined
- The /docs, /api, /pricing, and /README paths all return 404
- Endpoint functionality and content are inferred entirely from the existing title/description; no direct verification was possible
Citations
- Every Good Work platform states 100% of every sale goes directly to the creator's wallet, with prepaid credits for hosting infrastructure: https://codex.everygoodwork.io
- POST to the endpoint returned 403 and GET returned 401, not the expected 402 x402 challenge: https://codex.everygoodwork.io/0x1C1Ee78b938Af5333D3a99BF659e9aa771d8A8D5/oauth-empty-subject-privilege-escalation-bypass-cloudflare-workers-red-team-fix