Open source React executes malicious code with malformed HTML—no authentication needed.
Maximum-severity vulnerability threatens 6% of all websites
Submitted 1 week ago by BrikoX@lemmy.zip to technology@lemmy.zip
Submitted 1 week ago by BrikoX@lemmy.zip to technology@lemmy.zip
Open source React executes malicious code with malformed HTML—no authentication needed.
gravitas_deficiency@sh.itjust.works 1 week ago
TL;DR:
Arbitrary code execution with no auth required at all.
Image