CVE-2024-11023: Firebase SDK Auth Token Sync URL Leak

The application retrieves the experimental 'authTokenSyncURL' configuration value but does not verify that it is a local path on the application's own domain. An attacker who can pre-set the corresponding cookie (e.g., FIREBASE_DEFAULTS) could direct auth tokens to an external server. Validate that the URL starts with '/' before using it.

Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | TS
greprules fetch cve-2024-11023-firebase-sdk-auth-token-sync-url-leak --engine opengrep
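
The check the description calls for, as an added example that is not code from the Firebase SDK or from this rule; `safeLocalSyncPath`, `resolveSyncTarget` and the shape of the defaults object are hypothetical. It goes slightly beyond a bare starts-with-'/' test, because `//host` and `/\host` also start with '/' yet resolve to another origin in a browser.

```typescript
// Added example (hypothetical helper names, not Firebase SDK code).
// Returns the value only when it is an absolute path on the current origin.
function safeLocalSyncPath(value: unknown): string | null {
  if (typeof value !== "string" || value.length === 0) return null;

  // Requirement from the rule description: the URL must start with '/'.
  if (value[0] !== "/") return null;

  // "//host/..." is protocol-relative, and browsers treat "/\host/..." the
  // same way for http(s) URLs, so both would leave the current origin.
  if (value[1] === "/" || value[1] === "\\") return null;

  // URL parsers drop tab, CR and LF, so "/\t/host" collapses to "//host".
  // Reject any control character instead of trying to normalise it.
  if (/[\u0000-\u001f\u007f]/.test(value)) return null;

  return value;
}

// Assumed shape: the experimental settings object after the application has
// decoded it. Its contents are untrusted when they can come from a cookie.
interface ExperimentalDefaults {
  authTokenSyncURL?: unknown;
}

// Returns the path that may receive auth tokens, or null to disable the sync.
function resolveSyncTarget(defaults: ExperimentalDefaults): string | null {
  return safeLocalSyncPath(defaults.authTokenSyncURL);
}

// Constructed sample values, one per case the validator has to handle.
const constructedSamples: unknown[] = [
  "/__cookies__",                    // local path: accepted
  "https://collector.example/sync",  // absolute URL: rejected
  "//collector.example/sync",        // protocol-relative: rejected
  "/\\collector.example/sync",       // backslash variant: rejected
  undefined,                         // setting absent: rejected
];

for (const sample of constructedSamples) {
  const verdict = resolveSyncTarget({ authTokenSyncURL: sample }) === null
    ? "rejected" : "accepted";
  console.log(JSON.stringify(sample) ?? "undefined", "->", verdict);
}
```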
