Firebase JavaScript SDK allows attackers to manipulate the "_authTokenSyncURL" to point to their own server

Severity:: Medium

Description

Firebase JavaScript SDK utilizes a “FIREBASE_DEFAULTS” cookie to store configuration data, including an “_authTokenSyncURL” field used for session synchronization.

Recommendation

Update the firebase package to the latest compatible version. Followings are version details:

Affected version(s): < 10.9.0
Patched version(s): 10.9.0

References

GHSA-3wf4-68gx-mph8
firebase.google.com
CVE-2024-11023
CWE-79
CAPEC-310
OWASP 2021-A3
OWASP 2021-A6

Related Issues

Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools - CVE-2025-9611
AngularJS allows attackers to bypass common image source restrictions - angular - CVE-2024-8373
AngularJS allows attackers to bypass common image source restrictions - CVE-2024-8372
Strapi allows Server-Side Request Forgery in Webhook function - CVE-2024-52588

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

Exploiting Server Version Disclosure

Tags:: npm; firebase

Anything's wrong? Let us know Last updated on November 18, 2024