CVE-2024-51752 – Next.js AuthKit Console Logging of Refresh Tokens

11月 5, 2024
9:17 pm

CVE ID : CVE-2024-51752

Published : Nov. 5, 2024, 8:15 p.m. | 1 hour, 2 minutes ago

Description : The AuthKit library for Next.js provides convenient helpers for authentication and session management using WorkOS & AuthKit with Next.js. In affected versions refresh tokens are logged to the console when the disabled by default `debug` flag, is enabled. This issue has been patched in version 0.13.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-51752 – Next.js AuthKit Console Logging of Refresh Tokens

Elvescore.io

Recent Posts

CVE-2024-56199 – phpMyFAQ HTML Injection Vulnerability

CVE-2025-0173 – SourceCodester Online Eyewear Shop SQL Injection Vulnerability

CVE-2024-11716 – CTFd Team Bracket Reassignment Vulnerability ( Privilege Escalation )

CVE-2024-11717 – CTFd TokenForgeable Authentication

CVE-2022-45811 – WeyHan Ng Post Teaser Missing Authorization

CVE-2022-47601 – “JoomUnited WP Table Manager Authorization Bypass”

CVE-2024-51752 – Next.js AuthKit Console Logging of Refresh Tokens

CVE-2024-51752 – Next.js AuthKit Console Logging of Refresh Tokens