5 matches found
PT-2026-5203
Name of the Vulnerable Software and Affected Versions Next.Js versions 0.0.0 through 1.6.3 Next.Js versions 2.0.0 through 2.0.0 Description A security issue exists in Next.Js related to a permissive cross-domain security policy with untrusted domains, which can lead to Cross-Site Scripting XSS...
Vulnerabilities fixed in React Server Components
React has fixed vulnerabilities in certain versions of React Server Components specifically for versions 19.0.0, 19.1.0, 19.1.1 and 19.2.0. An unauthenticated attacker can send a rogue HTTP request to any Server Function endpoint that, when processed by React, can lead to remote code execution on...
Exploit for CVE-2025-55182
CVE-2025-55182 - React RSC RCE PoC pour la vuln de deserialis...
Exploit for CVE-2025-55182
CVE-2025-55182 - React Server Components RCE Exploit Python C...
GHSA-9GR3-7897-PP7M XSS in Image Optimization API for Next.js
Impact - Affected: All of the following must be true to be affected - Next.js between version 10.0.0 and 11.1.0 - The next.config.js file has images.domains array assigned - The image host assigned in images.domains allows user-provided SVG - Not affected: The next.config.js file has images.loade...