Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-27143
Analyzed
More InfoOfficial Page
Source-security-advisories@github.com
View Known Exploited Vulnerability (KEV) details
Published At-24 Feb, 2025 | 23:15
Updated At-28 Feb, 2025 | 16:07

Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification endpoint and any other endpoint that accepts callback url. While the server blocks fully qualified URLs, it incorrectly allows scheme-less URLs. This results in the browser interpreting the URL as a fully qualified URL, leading to unintended redirection. An attacker can exploit this flaw by crafting a malicious verification link and tricking users into clicking it. Upon successful email verification, the user will be automatically redirected to the attacker's website, which can be used for phishing, malware distribution, or stealing sensitive authentication tokens. This CVE is a bypass of the fix for GHSA-8jhw-6pjj-8723/CVE-2024-56734. Version 1.1.21 contains an updated patch.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.06.9MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.16.1MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Type: Secondary
Version: 4.0
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 6.1
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CPE Matches
better-auth
better-auth
>>better_auth>>Versions before 1.1.21(exclusive)
cpe:2.3:a:better-auth:better_auth:*:*:*:*:*:node.js:*:*
Weaknesses
CWE IDTypeSource
CWE-601Primarysecurity-advisories@github.com
CWE ID: CWE-601
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/better-auth/better-auth/commit/24659aefc35a536b95ea4e5347e52c8803910153security-advisories@github.com
Patch
https://github.com/better-auth/better-auth/commit/b381cac7aafd6aa53ef78b6ab771ebfa24643c80security-advisories@github.com
Patch
https://github.com/better-auth/better-auth/releases/tag/v1.1.21security-advisories@github.com
Release Notes
https://github.com/better-auth/better-auth/security/advisories/GHSA-8jhw-6pjj-8723security-advisories@github.com
Not Applicable
https://github.com/better-auth/better-auth/security/advisories/GHSA-hjpm-7mrm-26w8security-advisories@github.com
Vendor Advisory
Hyperlink: https://github.com/better-auth/better-auth/commit/24659aefc35a536b95ea4e5347e52c8803910153
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/better-auth/better-auth/commit/b381cac7aafd6aa53ef78b6ab771ebfa24643c80
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/better-auth/better-auth/releases/tag/v1.1.21
Source: security-advisories@github.com
Resource:
Release Notes
Hyperlink: https://github.com/better-auth/better-auth/security/advisories/GHSA-8jhw-6pjj-8723
Source: security-advisories@github.com
Resource:
Not Applicable
Hyperlink: https://github.com/better-auth/better-auth/security/advisories/GHSA-hjpm-7mrm-26w8
Source: security-advisories@github.com
Resource:
Vendor Advisory
Change History
0Changes found
Details not found