Description ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace. Remediation References CVE-2018-6184 Related Vulnerabilities MySQL CVE-2021-35591 Vulnerability (CVE-2021-35591) WordPress 5.4.x PHP Object Injection (5.4 - 5.4.5) PHP Improper Input Validation Vulnerability (CVE-2012-1172) XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-35153) Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-19210) Severity High Classification CVE-2018-6184 CWE-22 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Tags Missing Update Known Vulnerabilities