CVE-2025-53535
Better Auth has an Open Redirect Vulnerability in originCheck Middleware Affecting Multiple Routes
Better Auth is an authentication and authorization library for TypeScript. An open redirect has been found in the originCheck middleware function, which affects the following routes: /verify-email, /reset-password/:token, /delete-user/callback, /magic-link/verify, /oauth-proxy-callback. This vulnerability is fixed in 1.2.10.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Produtos afetados
better-auth · better-authQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →