CVE-2024-23841 | apollographql apollo-client-nextjs 0.7.0 Link cross site scripting (GHSA-rv8p-rr2h-fgpg)

Inserito da Angelo Barbosa | Gen 30, 2024 | CVE

A vulnerability classified as problematic was found in apollographql apollo-client-nextjs 0.7.0. This vulnerability affects unknown code of the component Link Handler. The manipulation leads to basic cross site scripting.

This vulnerability was named CVE-2024-23841. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23841 | apollographql apollo-client-nextjs 0.7.0 Link cross site scripting (GHSA-rv8p-rr2h-fgpg)

Post correlati

CVE-2024-5665 | Login Signup Popup Plugin 2.7.1/2.7.2 on WordPress Option authorization

CVE-2024-1156 | NI SystemLink Server/FlexLogger RabbitMQ Service default permission

CVE-2023-41926 | Kiloview P1/P2 up to 4.8.2605 Configuration Interface cleartext transmission (NCSC-2024-0273)

CVE-2024-49648 | rafasashi SVG Captcha Plugin up to 1.0.11 on WordPress cross site scripting