CVE-2025-24856 – causal/oidc
Package
Manager: composer
Name: causal/oidc
Vulnerable Version: >=3.0.0 <4.0.0
Severity
Level: Medium
CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS: 0.00033 (percentile 0.08018)
Details
TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc)

## Problem Description

A vulnerability in the account linking logic of the extension allows a pre-hijacking attack leading to Account Takeover. The attack can only be exploited if all of the following requirements are met:

- An attacker can anticipate the email address of the user.
- An attacker can register a public frontend user account using that email address before the user's first OIDC login.
- The IdP returns the field `email` containing the email address of the user.

## Solution

An updated version 4.0.0 is available from the TYPO3 extension manager, Packagist and at https://extensions.typo3.org/extension/download/oidc/4.0.0/zip

Users of the extension are advised to update the extension as soon as possible.
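The linking flaw the advisory describes, as an added illustration that is not the extension's own code: a minimal in-memory account store where the vulnerable pattern attaches the first OIDC login to whatever local account already carries the IdP-reported email, beside a hardened version that matches on issuer plus subject first and falls back to email only when the local account has proven mailbox ownership. The names (`Account`, `AccountStore`, `link_by_email`, `link_hardened`) and the sample claims are assumptions.

```python
"""Pre-hijacking via email-based OIDC account linking: vulnerable vs hardened (constructed example)."""
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Account:
    username: str
    email: str
    email_verified: bool = False          # local proof that this account owns the mailbox
    oidc_identity: Optional[str] = None   # "issuer|sub" once an IdP identity is linked


class AccountStore:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}

    def add(self, acct: Account) -> Account:
        self.accounts[acct.username] = acct
        return acct

    def by_email(self, email: str) -> Optional[Account]:
        return next((a for a in self.accounts.values() if a.email.lower() == email.lower()), None)

    def by_identity(self, ident: str) -> Optional[Account]:
        return next((a for a in self.accounts.values() if a.oidc_identity == ident), None)


def link_by_email(store: AccountStore, claims: dict) -> Account:
    """Vulnerable pattern: first OIDC login is bound to any local account with the same
    email, so a pre-registered account created by someone else captures the victim's login."""
    ident = f"{claims['iss']}|{claims['sub']}"
    acct = store.by_identity(ident) or store.by_email(claims["email"])
    if acct is None:
        acct = store.add(Account(claims["sub"], claims["email"]))
    acct.oidc_identity = ident
    return acct


def link_hardened(store: AccountStore, claims: dict) -> Account:
    """Hardened pattern: the stable issuer+subject pair is the primary key. Email is only
    trusted for linking when the *local* account has verified it; the IdP's own
    email_verified claim says nothing about who registered the local account."""
    ident = f"{claims['iss']}|{claims['sub']}"
    acct = store.by_identity(ident)
    if acct is not None:
        return acct
    existing = store.by_email(claims["email"])
    if existing is not None:
        if existing.oidc_identity is None and existing.email_verified:
            existing.oidc_identity = ident
            return existing
        # Caller should start an ownership-verification flow instead of auto-linking.
        raise PermissionError("email belongs to an unverified or differently linked account")
    acct = store.add(Account(claims["sub"], claims["email"]))
    acct.oidc_identity = ident
    return acct
```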
Metadata
Created: 2025-01-28T19:15:44Z
Modified: 2025-03-17T20:23:43Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/01/GHSA-hj78-p4h7-m5fv/GHSA-hj78-p4h7-m5fv.json
CWE IDs: ["CWE-288", "CWE-348", "CWE-639"]
Alternative ID: GHSA-hj78-p4h7-m5fv
Finding: F274
Auto approve: 1