CVE-2024-56734 | better-auth up to 1.1.5 Email Verification callbackURL redirect (GHSA-8jhw-6pjj-8723)

Posted by Angelo Barbosa | Dec 30, 2024 | CVE

A vulnerability has been found in better-auth up to 1.1.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Email Verification Handler. The manipulation of the argument callbackURL leads to open redirect.

This vulnerability is known as CVE-2024-56734. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-56734 | better-auth up to 1.1.5 Email Verification callbackURL redirect (GHSA-8jhw-6pjj-8723)

Related Posts

CVE-2024-6428 | Mattermost up to 9.5.5/9.6.2/9.7.4/9.8.0 User Management access control

CVE-2024-0172 | Dell PowerEdge Server BIOS/Precision Rack BIOS privileges management (dsa-2024-035)

CVE-2024-29143 | Cozmoslabs Passwordless Login Plugin up to 1.1.2 on WordPress cross site scripting

CVE-2024-25974 | Frentix OpenOlat LMS up to 18.1.5 SVG Image cross site scripting