CVE-2025-68663
MEDIUM WAF: Low
CVSS 5.3
Published: 2026-02-11
CWE-287
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a vulnerability was found in Outline's WebSocket authentication mechanism that allows suspended users to maintain or establish real-time WebSocket connections and continue receiving sensitive operational updates after their account has been suspended. This vulnerability is fixed in 1.1.0.
WAF Coverage Analysis
Improper Authentication
Low WAF Coverage
OWASP: A07:2021 Identification and Authentication Failures
Affected Software
| Vendor | Product | Version |
|---|---|---|
| getoutline | outline | up to 1.1.0 |
References
- github.com (Release Notes)
- github.com (Vendor Advisory)