Security Advisory: Insecure email token verification in Prisma adapter #1296
Unanswered
iaincollins
asked this question in
Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
We have published a critical security advisory as CVE-2021-21310.
Implementations using the Prisma database adapter with the Email provider are impacted.
All impacted users who are not already running 3.3.0 or newer should upgrade immediately.
Those not able to upgrade can alternatively disable the Email provider.
Thank you to Alessandro Angelino (@AlessandroA) for notifying us of this issue and following responsible disclosure to allow us to address the issue promptly.
Please see the advisory for further details.
Beta Was this translation helpful? Give feedback.
All reactions