CVE-2025-68481 | fastapi-users FastAPI up to 15.0.1 /authorize generate_state_token improper authorization (GHSA-5j53-63w8-8625)

Full Article URL: https://vuldb.com/?id.337666
Textarea URL (this page): <a href="https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzY2NzMzAwCQUAj-_2025-12-19">https://textarea.nl/i/eNrLKCkpKLbS1y8rzUlJ0kvOz9W3z0zRMzY2NzMzAwCQUAj-_2025-12-19
Source: https://vuldb.com/?rss.recent
Vuldb: https://vuldb.com
Publication date: 2025-12-19 23:03:07
Last retrieval: 2025-12-20 05:45:47.528444

23:03 - 19 Dec 2025

vuldb.com

A vulnerability classified as critical has been found in fastapi-users FastAPI up to 15.0.1. This impacts the function generate_state_token of the file /authorize. Performing manipulation results in improper authorization. This vulnerability is known as CVE-2025-68481. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

https://vuldb.com/?id.337666

Article info: