CVE-2026-13543 | Documenso up to 2.11.0 Google OAuth Login handle-oauth-callback-url.ts improper authentication (Issue 2758)

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability categorized as critical has been discovered in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication.

This vulnerability is known as CVE-2026-13543. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The pull request to fix this issue awaits acceptance.

CVE-2026-13543 | Documenso up to 2.11.0 Google OAuth Login handle-oauth-callback-url.ts improper authentication (Issue 2758)

Post correlati

CVE-2025-8127 | deerwms deer-wms-2 up to 3.3 /system/user/list params[dataScope] sql injection (ICLQT8)

CVE-2025-4886 | itsourcecode Sales and Inventory System 1.0 product_update.php serial sql injection

CVE-2025-13569 | itsourcecode COVID Tracking System 1.0 /admin/?page=city sql injection

CVE-2024-25225 | Simple Admin Panel App 1.0 Add Category Category Name cross site scripting