CVE-2024-29901 | workos authkit-nextjs up to 0.4.1 x-workos-session authentication replay

Posted by Angelo Barbosa | Mar 29, 2024 | CVE

A vulnerability classified as critical has been found in workos authkit-nextjs up to 0.4.1. This affects an unknown part. The manipulation of the argument x-workos-session leads to authentication bypass by capture-replay.

This vulnerability is uniquely identified as CVE-2024-29901. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29901 | workos authkit-nextjs up to 0.4.1 x-workos-session authentication replay

Related Posts

CVE-2024-6570 | Glossary Plugin up to 2.2.26 on WordPress information disclosure

CVE-2024-2726 | Ciges CIGESv2 cross site scripting

CVE-2024-1477 | aankit Easy Maintenance Mode Plugin up to 1.4.2 on WordPress REST API information disclosure

CVE-2024-33048 | Qualcomm Snapdragon Auto up to X75 5G Modem-RF System Response Frame buffer over-read