Description
Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page.
Remediation
References
https://github.com/zeit/next.js/releases/tag/7.0.2
Related Vulnerabilities
CVE-2022-31051 Vulnerability in npm package semantic-release
CVE-2020-2169 Vulnerability in maven package org.jenkins-ci.plugins:queue-cleanup
CVE-2021-21172 Vulnerability in npm package electron
CVE-2023-37478 Vulnerability in npm package @pnpm/cafs
CVE-2023-33947 Vulnerability in maven package com.liferay.portal:release.portal.bom