Security Advisory

CVE-2021-43812

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-16 18:20:12

Last updated 2024-08-04 04:03:08

Assigner GitHub_M

State PUBLISHED

Description

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before 1.6.2 do not filter out certain returnTo parameter values from the login url, which expose the application to an open redirect vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.

← Browse all CVEs View on cve.org ↗