Publish GHSA-mr6f-h57v-rpj5

advisory-database[bot] · advisory-database[bot] · commit b2648b83a685 · 2025-12-10T21:37:28.000Z
diff --git a/advisories/github-reviewed/2025/12/GHSA-mr6f-h57v-rpj5/GHSA-mr6f-h57v-rpj5.json b/advisories/github-reviewed/2025/12/GHSA-mr6f-h57v-rpj5/GHSA-mr6f-h57v-rpj5.json
@@ -0,0 +1,61 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-mr6f-h57v-rpj5",
+  "modified": "2025-12-10T21:35:58Z",
+  "published": "2025-12-10T21:35:58Z",
+  "aliases": [
+    "CVE-2025-67716"
+  ],
+  "summary": "Improper Validation of Query Parameters in Auth0 Next.js SDK",
+  "details": "### Description\nAn input-validation flaw in the returnTo parameter in the Auth0 Next.js SDK could allow attackers to inject unintended OAuth query parameters into the Auth0 authorization request. Successful exploitation may result in tokens being issued with unintended parameters\n\n### Am I Affected?\nYou are affected if you meet the following preconditions:\n- Applications using the auth0/nextjs-auth0 SDK version prior to 4.13.0\n\n### Affected product and versions\nAuth0/nextjs-auth0 versions >= 4.9.0 and < 4.13.0\n\n\n### Resolution\nUpgrade Auth0/nextjs-auth0 version to v4.13.0\n\n### Acknowledgements\nOkta would like to thank Joshua Rogers for their discovery and responsible disclosure.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "@auth0/nextjs-auth0"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "4.9.0"
+            },
+            {
+              "fixed": "4.13.0"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-mr6f-h57v-rpj5"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/auth0/nextjs-auth0/commit/35eb321de3345ccf23e8c0d6f66c9f2f2f57d26c"
+    },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/auth0/nextjs-auth0"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-184"
+    ],
+    "severity": "LOW",
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-12-10T21:35:58Z",
+    "nvd_published_at": null
+  }
+}
