CVE-2024-23841 XSS in @apollo/experimental-nextjs-app-support

apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input e.g. by redirecting...

CVE-2024-23841

CVE-2024-23841 affects the Next.js Apollo client integration, specifically the package @apollo/experimental-apollo-client-nextjs. The vulnerability is a cross-site scripting issue arising from improper handling of untrusted input during server-side rendering of HTML pages. Exploitation would requ...

CVE-2024-23841 XSS in @apollo/experimental-nextjs-app-support

apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input e.g. by redirecting...

CVE-2024-23841 XSS in @apollo/experimental-nextjs-app-support

apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input e.g. by redirecting...

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input e.g. by redirecting...

Apollo Cross-Site Scripting Vulnerability

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload coursework. A cross-site scripting vulnerability exists in Apollo apollo-client-nextjs versions prior to 0.7.0, which stems from mishandling of untrusted...

PT-2024-20116 · Unknown · Apollo-Client-Nextjs +1

Name of the Vulnerable Software and Affected Versions: apollo-client-nextjs versions prior to 0.7.0 Description: The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. This issue arises from improper handling of untrusted input when the...

apollofertility.com Cross Site Scripting vulnerability OBB-3840400

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2022-4962

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

CVE-2022-4962

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

Authorization

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

CVE-2022-4962

Summary (CVE-2022-4962) : Several sources describe a vulnerability in Apollo 2.0.0/2.0.1 within the Configuration Center’s /users functionality, causing improper authorization. The issue is exploitable remotely and, per the documents, the exploit has been disclosed publicly. There is no publicly ...

CVE-2022-4962 Apollo Configuration Center users improper authorization

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

CVE-2022-4962 Apollo Configuration Center users improper authorization

A vulnerability was found in Apollo 2.0.0/2.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /users of the component Configuration Center. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been...

Apollo Authorization Issues Vulnerabilities

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload course assignments. An authorization issue vulnerability exists in Apollo versions 2.0.0 and 2.0.1, which stems from the inclusion of unknown functions in...

apollointelligence.net Cross Site Scripting vulnerability OBB-3799520

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

apollo-haaraesthetik.de Improper Access Control vulnerability OBB-3769269

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions

Impact The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part respons...

GHSA-R344-XW3P-2FRJ Apollo Router vulnerable to Improper Check or Handling of Exceptional Conditions

Impact The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part respons...

CVE-2023-45812

The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation. Affected versions are subject to a Denial-of-Service DoS type vulnerability which causes the Router to panic and terminate when a multi-part response is...