ZEIT Next.js 环境问题漏洞

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. An environmental issue vulnerability exists in ZEIT Next.js versions 13.4 through prior to 13.5.1 that stems from the presence of a response queue poisoning vulnerability...

ZEIT Next.js NextAuth.js Cross-Site Scripting Vulnerability

ZEIT Next.js is a ZEIT company based on Vue.js, Node.js, Webpack and Babel.js open source web application framework . NextAuth.js is Next.js authentication . ZEIT Next.js NextAuth.js suffers from a cross-site scripting vulnerability. The vulnerability stems from the program's lack of data...

ZEIT Next.js Cross-Site Scripting Vulnerability

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack and Babel.js. Next.js versions 10.0.0 to 11.0.0 have a cross-site scripting vulnerability that can be exploited by attackers to execute arbitrary js commands...

ZEIT Next.js Input Validation Error Vulnerability (CNVD-2021-61800)

ZEIT Next.js is an open source web application framework from ZEIT based on Vue.js, Node.js, Webpack, and Babel.js. ZEIT Next.js is vulnerable to an input validation error in versions prior to 11.1.0, which stems from a web system or product that does not properly validate input data. An attacker...

CVE-2018-6184

ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /next request namespace...

CVE-2018-6184

ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /next request namespace...

Directory traversal

ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /next request namespace...

CVE-2018-6184

Zeit Next.js 4.x before 4.2.3 is vulnerable to a directory traversal via the /_next request namespace. The connected templates describe Local File Inclusion/LFI exposure, allowing an attacker to read sensitive files and potentially modify data or perform administrative actions within the affected...

CVE-2018-6184

ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /next request namespace...

CVE-2017-16877

ZEIT Next.js before 2.4.1 has directory traversal under the /next and /static request namespace, allowing attackers to obtain sensitive information...

Directory traversal

ZEIT Next.js before 2.4.1 has directory traversal under the /next and /static request namespace, allowing attackers to obtain sensitive information...