Appcheckng

**Name of the Vulnerable Software and Affected Versions** Auth0 auth0.js library versions prior to 8.12 **Description** A cross-origin issue has been discovered in the Auth0 auth0.js library. This issue allows an attacker to acquire authenticated users' tokens and invoke services on a user's behalf if the target site or application uses a popup callback page with `auth0.popup.callback()`. **Recommendations** For versions prior to 8.12, update to version 8.12 or later to resolve the issue. As a temporary workaround, consider avoiding the use of `auth0.popup.callback()` for popup callback pages until the update is applied.