CVE-2025-68158 | Authlib up to 1.6.5 FrameworkIntegration.set_state_data cross-site request forgery (GHSA-fg6f-75jq-6523)

A vulnerability was found in Authlib up to 1.6.5. It has been declared as problematic. This affects the function FrameworkIntegration.set_state_data. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is registered as CVE-2025-68158. It is possible to launch the attack remotely. No exploit is available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More