Security Flaw in Actions OAuth token refresh

When using oauth for custom action authentication, only the first-ever values entered in the client id / secret fields for a given domain are ever valid. The gpt will use a subsequently entered secret in the payload for calls to api endpoints, but only the first-entered value continues to be included in the payload for calls to the token url when refreshing the access token. This holds true across gpts and across openai user accounts: if another account creates a gpt with an action utilizing the same domain, they will be unable to use their own client id / secret, and will be able to retrieve the first-entered secret when the gpt tries to use it to refresh the access token. This seems to be a serious security flaw.