A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.
This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback