CVE-2023-5654

The CVE-2023-5654 issue affects the React Developer Tools extension and is caused by a content-script listener registered with window.addEventListener('message', …) that fetches a URL derived from a received message without validating/sanitising it. This allows a malicious page to trigger the vic...