Firebase JavaScript SDK allows attackers to manipulate the "_authTokenSyncURL" to point to their own server
- Severity:
- Medium
Description
Firebase JavaScript SDK utilizes a “FIREBASE_DEFAULTS” cookie to store configuration data, including an “_authTokenSyncURL” field used for session synchronization.
Recommendation
Update the firebase package to the latest compatible version. Followings are version details:
- Affected version(s): < 10.9.0
- Patched version(s): 10.9.0
References
Related Issues
- es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens` - CVE-2024-27088
- Redwood is vulnerable to account takeover via dbAuth "forgot-password - Vulnerability
- Parse Server before v3.4.1 vulnerable to Denial of Service - CVE-2019-1020012
- Incorrect default cookie name and recommendation - Vulnerability
- Tags:
- npm
- firebase
Anything's wrong? Let us know Last updated on November 18, 2024