Langfuse SSO Account Takeover Vulnerability via CSRF or Phishing

Vulnerability

A vulnerability allowing potential account takeover has been identified in Langfuse, an open-source large language model engineering platform. This issue affects versions 2.95.0 prior to 2.95.12 and 3.17.0 prior to 3.131.0. The vulnerability arises in Single Sign-On (SSO) provider configurations that do not include an explicit AUTH_<PROVIDER>_CHECK setting. In such cases, an authenticated user could be manipulated into calling a specially crafted URL, potentially through a Cross-Site Request Forgery (CSRF) or phishing attack. This could link the attacker's SSO account with the victim's account, allowing the attacker to impersonate the victim.

Impact

Exploitation of this vulnerability could lead to unauthorized linking of an attacker's SSO account with that of a victim, allowing the attacker to act on behalf of the victim within the application.

Reproduction

To reproduce this vulnerability, configure an SSO provider in Langfuse without setting the AUTH_<PROVIDER>_CHECK option. An attacker must then initiate an SSO session and abort the process after the callback URL is generated. They can then trick an authenticated user into sending a GET request to the Langfuse callback URL, which follows the pattern of the '/api/auth/callback/{provider}' endpoint and carries the attacker's authorization code.

Remediation

Users can update to Langfuse versions 2.95.12 or 3.131.0, or set the AUTH_<PROVIDER>_CHECK option to 'pkce,state'.
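To show why the missing checks matter, the following is an added TypeScript model, not Langfuse's own code: a hypothetical in-memory identity provider and client walk through the authorization-code callback, with the checks list standing in for AUTH_<PROVIDER>_CHECK. With no checks, a callback URL minted in one browser session links that SSO identity into whichever session opens it; with 'state' the callback is rejected because its state does not match the nonce stored in the receiving session, and with 'pkce' the token exchange fails because the receiving session holds no matching code_verifier.

```typescript
import { createHash, randomBytes } from "crypto";

type Check = "pkce" | "state";
// Browser-side session of the client: nonce material plus the SSO identity linked on success.
interface Session { user: string; state?: string; verifier?: string; linkedSso?: string }
const b64url = (b: Buffer) => b.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const s256 = (v: string) => b64url(createHash("sha256").update(v).digest());
// Hypothetical IdP: each code remembers the subject and the code_challenge given at /authorize.
const issuedCodes = new Map<string, { subject: string; challenge?: string }>();

// Client: begin login; only the enabled checks put nonce material into the session and the request.
function startLogin(session: Session, checks: Check[]): Record<string, string> {
  const req: Record<string, string> = {};
  if (checks.includes("state")) { session.state = b64url(randomBytes(16)); req.state = session.state; }
  if (checks.includes("pkce")) { session.verifier = b64url(randomBytes(32)); req.code_challenge = s256(session.verifier); }
  return req;
}
// IdP: authenticate `subject`, issue a code, and redirect to the client callback with code (+ echoed state).
function idpAuthorize(subject: string, req: Record<string, string>): Record<string, string> {
  const code = b64url(randomBytes(16));
  issuedCodes.set(code, { subject, challenge: req.code_challenge });
  return req.state ? { code, state: req.state } : { code };
}
// IdP token endpoint: single-use code; when it was bound to a challenge, the verifier must match (PKCE).
function idpExchange(code: string, verifier?: string): string | undefined {
  const rec = issuedCodes.get(code);
  if (!rec) return undefined;
  if (rec.challenge !== undefined && (verifier === undefined || s256(verifier) !== rec.challenge)) return undefined;
  issuedCodes.delete(code);
  return rec.subject;
}
// Client: GET /api/auth/callback/{provider}. `session` belongs to whichever browser opens the URL.
function handleCallback(session: Session, query: Record<string, string>, checks: Check[]): "linked" | "rejected" {
  if (checks.includes("state") && (!session.state || query.state !== session.state)) return "rejected";
  const subject = idpExchange(query.code, checks.includes("pkce") ? session.verifier : undefined);
  if (!subject) return "rejected";
  session.linkedSso = subject; // the SSO identity is now linked to session.user
  return "linked";
}
// Legitimate flow: the same browser starts the login and receives the callback.
function sameSession(checks: Check[]): string {
  const s: Session = { user: "alice" };
  return handleCallback(s, idpAuthorize("alice@idp", startLogin(s, checks)), checks);
}
// The advisory's scenario (constructed names): a flow started in one session, its callback opened in another.
function crossSession(checks: Check[]): { result: string; linkedSso?: string } {
  const attacker: Session = { user: "mallory" }, victim: Session = { user: "alice" };
  const query = idpAuthorize("mallory@idp", startLogin(attacker, checks));
  return { result: handleCallback(victim, query, checks), linkedSso: victim.linkedSso };
}
```

Either check alone already blocks the cross-session callback in this model; the remediation enables both so that the request is tied to the receiving session and the code is tied to the session that started the flow.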

Added: Nov 21, 2025, 10:19 PM
Updated: Nov 21, 2025, 10:19 PM

Vulnerability Rating

Custom Algorithm

category        score
spread          0.0
impact          1.3
exploitability  6.7
remediation     0.0
relevance       1.2
threat          1.6
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.