Open Redirection

better-auth is vulnerable to an Open Redirect. The vulnerability is due to insufficient validation of the callbackURL parameter in the verify-email endpoint. Attackers can manipulate this parameter to redirect users to malicious websites, because the origin checker only validates POST requests and email verification relies solely on the JWT without properly validating the target…
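As an added example (not better-auth's own code), a redirect-target validator of the kind this class of bug calls for: it resolves callbackURL against the application's own origin, rejects non-http(s) schemes and protocol-relative or backslash forms, and accepts only allowlisted origins, and it is applied regardless of request method so the GET verify-email path gets the same check as POST. The trusted origins are constructed sample values.

```javascript
// Added example: allowlist validation for a redirect target such as a
// verify-email callbackURL. Not better-auth's own code.
const TRUSTED_ORIGINS = ["https://app.example.com"]; // constructed sample allowlist

function isSafeCallbackUrl(callbackURL, trustedOrigins = TRUSTED_ORIGINS) {
  if (typeof callbackURL !== "string" || callbackURL.length === 0) return false;
  // Reject control characters and whitespace: URL parsers strip some of them,
  // which lets "\tjavascript:" style inputs slip past naive prefix checks.
  if (/[\u0000-\u001f\u007f\s]/.test(callbackURL)) return false;
  let target;
  try {
    // Relative paths resolve against our own origin; absolute URLs keep theirs.
    target = new URL(callbackURL, trustedOrigins[0]);
  } catch {
    return false; // unparseable input is never a valid redirect target
  }
  // Only http(s) destinations; this blocks javascript:, data:, etc.
  if (target.protocol !== "https:" && target.protocol !== "http:") return false;
  // "//evil.example", "/\\evil.example" and "https://app.example.com@evil.example"
  // all resolve to a foreign origin, so the origin comparison rejects them.
  return trustedOrigins.includes(target.origin);
}

// Returns the absolute URL the handler may redirect to, or a safe fallback.
// Used for every method (GET included), not only POST.
function resolveRedirect(callbackURL, fallback = TRUSTED_ORIGINS[0] + "/") {
  return isSafeCallbackUrl(callbackURL)
    ? new URL(callbackURL, TRUSTED_ORIGINS[0]).href
    : fallback;
}

// Simulated verify-email handler: the token check is assumed to have passed;
// the point shown here is that the redirect target is validated independently.
function verifyEmailRedirect(query) {
  return { status: 302, location: resolveRedirect(query.callbackURL) };
}
```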