I don't know the access level of that OAUTh token, but I strongly suggest that you revoke it.
Since this is a public bug and we use PLAINTEXT signature (since calls are over HTTPS), it's possible for other to reuse that token as is.
I don't know the access level of that OAUTh token, but I strongly suggest that you revoke it.
Since this is a public bug and we use PLAINTEXT signature (since calls are over HTTPS), it's possible for other to reuse that token as is.