CVE-2021-32702 - Vulnerability Details

Vendors	Products
Auth0	Nextjs-auth0

Link	Providers
https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf
https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7
https://www.npmjs.com/package/%40auth0/nextjs-auth0

{"containers": {"cna": {"affected": [{"product": "nextjs-auth0", "vendor": "auth0", "versions": [{"status": "affected", "version": "< 1.4.2"}]}], "descriptions": [{"lang": "en", "value": "The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before and including `1.4.1` are vulnerable to reflected XSS. An attacker can execute arbitrary code by providing an XSS payload in the `error` query parameter which is then processed by the callback handler as an error message. You are affected by this vulnerability if you are using `@auth0/nextjs-auth0` version `1.4.1` or lower **unless** you are using custom error handling that does not return the error message in an HTML response. Upgrade to version `1.4.1` to resolve. The fix adds basic HTML escaping to the error message and it should not impact your users."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-25T16:25:10", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.npmjs.com/package/%40auth0/nextjs-auth0"}], "source": {"advisory": "GHSA-954c-jjx6-cxv7", "discovery": "UNKNOWN"}, "title": "Reflected XSS from the callback handler's error query parameter", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32702", "STATE": "PUBLIC", "TITLE": "Reflected XSS from the callback handler's error query parameter"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "nextjs-auth0", "version": {"version_data": [{"version_value": "< 1.4.2"}]}}]}, "vendor_name": "auth0"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before and including `1.4.1` are vulnerable to reflected XSS. An attacker can execute arbitrary code by providing an XSS payload in the `error` query parameter which is then processed by the callback handler as an error message. You are affected by this vulnerability if you are using `@auth0/nextjs-auth0` version `1.4.1` or lower **unless** you are using custom error handling that does not return the error message in an HTML response. Upgrade to version `1.4.1` to resolve. The fix adds basic HTML escaping to the error message and it should not impact your users."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7", "refsource": "CONFIRM", "url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7"}, {"name": "https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf", "refsource": "MISC", "url": "https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf"}, {"name": "https://www.npmjs.com/package/@auth0/nextjs-auth0", "refsource": "MISC", "url": "https://www.npmjs.com/package/@auth0/nextjs-auth0"}]}, "source": {"advisory": "GHSA-954c-jjx6-cxv7", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:25:31.131Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.npmjs.com/package/%40auth0/nextjs-auth0"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32702", "datePublished": "2021-06-25T16:25:11", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2024-08-03T23:25:31.131Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:auth0:nextjs-auth0:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "F04AAC80-E950-4A31-B658-C7B7825CE71E", "versionEndExcluding": "1.4.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions before and including `1.4.1` are vulnerable to reflected XSS. An attacker can execute arbitrary code by providing an XSS payload in the `error` query parameter which is then processed by the callback handler as an error message. You are affected by this vulnerability if you are using `@auth0/nextjs-auth0` version `1.4.1` or lower **unless** you are using custom error handling that does not return the error message in an HTML response. Upgrade to version `1.4.1` to resolve. The fix adds basic HTML escaping to the error message and it should not impact your users."}, {"lang": "es", "value": "El SDK de Auth0 Next.js es una biblioteca para implementar la autenticaci\u00f3n de usuarios en las aplicaciones Next.js. Las versiones anteriores a la \"1.4.1\" e incluy\u00e9ndola, son vulnerables a un ataque de tipo XSS reflejado. Un atacante puede ejecutar c\u00f3digo arbitrario al proporcionar una carga \u00fatil de tipo XSS en el par\u00e1metro de consulta \"error\" que luego es procesado por el controlador de devoluci\u00f3n de llamada como un mensaje de error. Est\u00e1 afectado por esta vulnerabilidad si est\u00e1 usando \"@auth0/nextjs-auth0\" versi\u00f3n \"1.4.1\" o inferior **a menos que** est\u00e9 usando un manejo de errores personalizado que no devuelva el mensaje de error en una respuesta HTML. Actualizar a versi\u00f3n \"1.4.1\" para solucionarlo. La correcci\u00f3n a\u00f1ade un escape HTML b\u00e1sico al mensaje de error y no deber\u00eda afectar a sus usuarios"}], "id": "CVE-2021-32702", "lastModified": "2024-11-21T06:07:33.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.8, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-25T17:15:08.383", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7"}, {"source": "security-advisories@github.com", "url": "https://www.npmjs.com/package/%40auth0/nextjs-auth0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/auth0/nextjs-auth0/commit/6996e2528ceed98627caa28abafbc09e90163ccf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-954c-jjx6-cxv7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.npmjs.com/package/%40auth0/nextjs-auth0"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object