Executive Summary

Informations
Name CVE-2022-31127 First vendor Publication 2022-07-06
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Overall CVSS Score 6.1
Base Score 6.1 Environmental Score 6.1
impact SubScore 2.7 Temporal Score 6.1
Exploitabality Sub Score 2.8
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction Required
Scope Changed Confidentiality Impact Low
Integrity Impact Low Availability Impact None
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

NextAuth.js is a complete open source authentication solution for Next.js applications. An attacker can pass a compromised input to the e-mail [signin endpoint](https://next-auth.js.org/getting-started/rest-api#post-apiauthsigninprovider) that contains some malicious HTML, tricking the e-mail server to send it to the user, so they can perform a phishing attack. Eg.: `balazs@email.com, Before signing in, claim your money!`. This was previously sent to `balazs@email.com`, and the content of the email containing a link to the attacker's site was rendered in the HTML. This has been remedied in the following releases, by simply not rendering that e-mail in the HTML, since it should be obvious to the receiver what e-mail they used: next-auth v3 users before version 3.29.8 are impacted. (We recommend upgrading to v4, as v3 is considered unmaintained. next-auth v4 users before version 4.9.0 are impacted. If for some reason you cannot upgrade, the workaround requires you to sanitize the `email` parameter that is passed to `sendVerificationRequest` and rendered in the HTML. If you haven't created a custom `sendVerificationRequest`, you only need to upgrade. Otherwise, make sure to either exclude `email` from the HTML body or efficiently sanitize it.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31127

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

Sources (Detail)

https://github.com/nextauthjs/next-auth/commit/ae834f1e08a4a9915665eecb9479c7...
https://github.com/nextauthjs/next-auth/releases/tag/next-auth%40v4.9.0
https://github.com/nextauthjs/next-auth/security/advisories/GHSA-pgjx-7f9g-9463
https://next-auth.js.org/getting-started/upgrade-v4
https://next-auth.js.org/providers/email#customizing-emails
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2024-11-28 14:10:57
  • Multiple Updates
2022-07-14 21:27:13
  • Multiple Updates
2022-07-07 00:27:20
  • First insertion