Lucene search
K

5 matches found

NVD
NVD
added 2026/06/02 8:16 p.m.12 views

CVE-2026-34077

React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...

7.5CVSS0.00294EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 4:59 p.m.10 views

CVE-2026-33244 React Router has stored XSS via unescaped Location header in prerendered redirect HTML

React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the HTTP Location header value can permit Cross-Site Scripting XSS in the statically generated HTML files if the redirect location comes from an...

5.4CVSS5.8AI score0.00144EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/02 4:59 p.m.12 views

CVE-2026-33244

React Router is a router for React. In versions 7.5.1 through 7.13.1, when using Framework Mode with pre-rendering enabled, improper neutralization of the HTTP Location header value can permit Cross-Site Scripting XSS in the statically generated HTML files if the redirect location comes from an...

5.4CVSS5.8AI score0.00144EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-45799

Name of the Vulnerable Software and Affected Versions React Router versions 7.5.1 through 7.13.1 Description When using Framework Mode with pre-rendering enabled, improper neutralization of the HTTP Location header value can permit Cross-Site Scripting XSS—a vulnerability where malicious scripts...

5.4CVSS5.8AI score0.00144EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-34471

Cross-Site Request Forgery CSRF vulnerability in ThemeFusion Avada allows Cross Site Request Forgery.This issue affects Avada: from n/a before 7.13.2...

4.3CVSS5.8AI score0.001EPSS
Exploits0References2
Rows per page
Query Builder