CVE-2024-23841 | apollographql apollo-client-nextjs 0.7.0 Link cross site scripting (GHSA-rv8p-rr2h-fgpg)

Inserito da Angelo Barbosa | Gen 30, 2024 | CVE

A vulnerability classified as problematic was found in apollographql apollo-client-nextjs 0.7.0. This vulnerability affects unknown code of the component Link Handler. The manipulation leads to basic cross site scripting.

This vulnerability was named CVE-2024-23841. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23841 | apollographql apollo-client-nextjs 0.7.0 Link cross site scripting (GHSA-rv8p-rr2h-fgpg)

Post correlati

CVE-2024-29057 | Microsoft Edge prior 123.0.2420.53 unknown vulnerability

CVE-2024-25508 | RuvarOA 6.01/12.01 bulletin_template_show.aspx id sql injection

CVE-2024-6964 | Tenda O3 1.0.0.10 fromDhcpSetSer dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway stack-based overflow

CVE-2024-37298 | gorilla schema up to 1.4.0 session_id allocation of resources (GHSA-3669-72×9-r9p3)