The vulnerability stems from improper input handling in the search functionality. The GitHub advisory and patch commit messages indicate that fixes were made to sanitize search queries and page content processing. The high-confidence vulnerable function is the search handler, which directly processes the tainted 'Search' parameter. The medium-confidence content processor is included because the patch also contains related sanitization fixes that address potential injection vectors affecting multiple components.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| raneto | npm | <= 0.17.0 | 0.17.1 |