GHSA-RV8P-RR2H-FGPG @apollo/experimental-nextjs-app-support Cross-site Scripting vulnerability

Impact The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. This vulnerability arises from improper handling of untrusted input when @apollo/experimental-apollo-client-nextjs performs server-side rendering of HTML pages. To fix this...

CVE-2024-23841

CVE-2024-23841 affects the Next.js Apollo client integration, specifically the package @apollo/experimental-apollo-client-nextjs. The vulnerability is a cross-site scripting issue arising from improper handling of untrusted input during server-side rendering of HTML pages. Exploitation would requ...

Apollo Cross-Site Scripting Vulnerability

Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload coursework. A cross-site scripting vulnerability exists in Apollo apollo-client-nextjs versions prior to 0.7.0, which stems from mishandling of untrusted...

PT-2024-20116 · Unknown · Apollo-Client-Nextjs +1

Name of the Vulnerable Software and Affected Versions: apollo-client-nextjs versions prior to 0.7.0 Description: The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. This issue arises from improper handling of untrusted input when the...