CNNVD-202507-761 Information
Jul 07, 2025
cve
CNNVD ID
CNNVD-202507-761
Related CVE
- CNNVD Published: 2025-07-07
Description (Chinese)
Better Auth是Better Auth开源的一个 TypeScript 最全面的身份验证框架。 Better Auth 1.2.10之前版本存在输入验证错误漏洞,该漏洞源于originCheck中间件函数中存在开放重定向,可能导致重定向攻击。
Description (English)
Better Auth is one of the most comprehensive TypScript authentication frameworks for Better Auth. The pre-Better Auth 1.2.10 version has an input verification error loophole, which stems from the open redirection in the originCheck intermediate function, which may lead to a redirection attack.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
Better Auth
Published
2025-07-07
Last Modified
2026-02-24
References
https://github.com/better-auth/better-auth/security/advisories/GHSA-36rg-gfq2-3h56 https://access.redhat.com/security/cve/cve-2025-53535
Patch
https://github.com/better-auth/better-auth/releases
Share on: