
Adamjmcgrath

#42209 of 53,624
6.4 Total CVSS
Vulnerabilities · 1
PT-2021-23952
6.4
2021-12-16
Auth0 · Auth0 Next.js SDK · CVE-2021-43812

Name of the Vulnerable Software and Affected Versions: Auth0 Next.js SDK versions prior to 1.6.2

Description: The issue affects the Auth0 Next.js SDK, a library for implementing user authentication in Next.js applications. Versions before 1.6.2 do not filter out certain `returnTo` parameter values from the login URL, exposing the application to an open redirect vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.

Recommendations: Upgrade to version 1.6.2 or later, as this version contains the necessary fix for the issue. This update will not affect users.