2 matches found
CVE-2024-24558 react-query-streamed-hydration xss
TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The @tanstack/react-query-next-experimental NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or...
CVE-2024-24558
The CVE-2024-24558 entry concerns the TanStack Query package, specifically the @tanstack/react-query-next-experimental component. The vulnerability is a cross‑site scripting (XSS) flaw that arises from improper handling of untrusted input during server‑side rendering, allowing an attacker to inje...