4 matches found
CVE-2026-34077
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-34077
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-33245 React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components RSC APIs, there is a potential client-side Cross-Site Scripting XSS vulnerability in the RSC redirect handling if redirects come from untrusted sources. This does not...
CVE-2026-33245
CVE-2026-33245 affects React Router versions 7.7.0–7.13.1 when using unstable React Server Components (RSC) APIs. The issue is a client-side XSS vulnerability in the RSC redirect handling if redirects originate from untrusted sources. Applications not using the unstable RSC APIs are not affected....