CVE-2025-27143

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published: Feb 24, 2025
Updated: Feb 28, 2025
CWE ID: 601

Summary

CVE-2025-27143 is a vulnerability affecting the Better Auth library for TypeScript in versions prior to 1.1.21. The issue lies in the incomplete validation of the callbackURL parameter in various endpoints: the server rejects fully qualified URLs but fails to reject scheme-less ones, so a scheme-less callbackURL can redirect the user to an unintended site (an open redirect). An attacker can exploit this flaw by constructing malicious verification links and deceiving users into clicking them. Upon email verification, the user is unwittingly redirected to the attacker's site, potentially exposing them to phishing, malware, or token theft. This vulnerability is a bypass of the patch for CVE-2024-56734, and version 1.1.21 includes an updated fix.
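To illustrate the validation gap described above, here is an added example (not Better Auth's own code): a hypothetical weak check that only rejects fully qualified http(s) URLs, beside a hardened check that resolves the callbackURL against the application's origin and accepts it only when it stays on that origin. The origin `https://app.example` and both function names are assumptions for the example.

```typescript
// Assumed application origin for this example.
const TRUSTED_ORIGIN = "https://app.example";

// Hypothetical weak check of the kind the advisory describes: it rejects
// "http://..." and "https://..." values but lets scheme-less values such as
// "//host/path" through, and those resolve to a foreign host in a browser.
function weakCallbackCheck(callbackURL: string): boolean {
  return !/^https?:\/\//i.test(callbackURL);
}

// Hardened check: resolve the value against the trusted origin with the
// WHATWG URL parser and compare origins. Scheme-less ("//host"), backslash
// ("/\host"), fully qualified and non-http (javascript:, data:) values all
// end up with a different origin and are rejected; a relative path is
// returned as an absolute URL on the trusted origin.
function safeCallbackURL(
  callbackURL: string,
  trustedOrigin: string = TRUSTED_ORIGIN,
): string | null {
  let resolved: URL;
  try {
    resolved = new URL(callbackURL, trustedOrigin);
  } catch {
    return null; // unparsable input is rejected rather than passed through
  }
  if (resolved.origin !== trustedOrigin) {
    return null;
  }
  return resolved.href;
}

// Constructed sample inputs: an on-site path and three off-site variants.
const samples = ["/dashboard", "//evil.example/x", "https://evil.example", "javascript:alert(1)"];
for (const s of samples) {
  console.log(s, "weak:", weakCallbackCheck(s), "safe:", safeCallbackURL(s));
}
```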
