Open Redirect Vulnerability in Better Auth Authentication Library for TypeScript
CVE-2025-53535
2.1 LOW
What is CVE-2025-53535?
A vulnerability exists in the Better Auth authentication and authorization library for TypeScript, specifically within the originCheck middleware function. This issue leads to open redirects on critical routes including /verify-email, /reset-password/:token, /delete-user/callback, /magic-link/verify, and /oauth-proxy-callback. Users are at risk of being redirected to malicious sites, exposing sensitive user data. The issue is addressed in Better Auth version 1.2.10.

Affected Version(s)
better-auth < 1.2.10
CVSS V4
Score: 2.1
Severity: LOW
Confidentiality: Low
Integrity: None
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown
Timeline
Vulnerability published
Vulnerability Reserved
