@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled
Refresh tokens are logged to the console when the disabled by default debug flag, is enabled.
Advisories for Npm/@Workos-Inc/Authkit-Nextjs package
2024
@workos-inc/authkit-nextjs session replay vulnerability
A user can reuse an expired session by controlling the x-workos-session header.