Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/06/22 12:27 p.m.10 views

CVE-2026-33245

A flaw was found in React Router. This vulnerability, a type of Cross-Site Scripting XSS, affects applications utilizing React Router's unstable React Server Components RSC APIs. A remote attacker could exploit this by sending untrusted redirects, leading to the execution of malicious scripts in...

8CVSS6AI score0.00188EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/04 3:23 p.m.12 views

EUVD-2026-33994

React Router vulnerable to Denial of Service via reflected user input in single-fetch...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References5
OSV
OSV
added 2026/06/03 8:33 p.m.10 views

GHSA-8646-J5J9-6R62 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets

When using React Router v7's unstable RSC APIs, there exists a potential client-side XSS issue in the RSC redirect handling if redirects are coming from untrusted sources !NOTE This only impacts your application if you are using the unstable RSC APIs in React Router...

8CVSS5.8AI score0.00188EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/02 5:14 p.m.33 views

CVE-2026-33245 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets

React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...

8CVSS0.00188EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

react-router 安全漏洞

react-router is a declarative routing library for React, open-sourced by Remix. Versions 7.7.0 to 7.13.1 of react-router contain security vulnerabilities. These vulnerabilities stem from improper redirection handling when using the unstable RSC API, which may lead to cross-site scripting attacks ...

7.5CVSS4.9AI score0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.17 views

PT-2026-45828

Name of the Vulnerable Software and Affected Versions React Router versions 7.7.0 through 7.13.1 React Router versions prior to 7.14.0 Remix versions 2.9.0 and later Description Two distinct issues were identified. First, a client-side Cross-Site Scripting XSS flaw exists in the handling of...

7.5CVSS5.8AI score0.00294EPSS
Exploits0References11
Rows per page
Query Builder