An issue was discovered in Clerk-js 5.88.0 allowing attackers to bypass the OAuth authentication flow by manipulating the request at the OTP verification stage.
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.