I18Next Http Backend
Monthly
Path traversal and URL injection in i18next-http-backend prior to version 3.0.5 allows remote attackers to manipulate request URLs by injecting unsanitized language (lng) and namespace (ns) parameters, potentially leading to server-side request forgery (SSRF), path-based authorization bypass, or arbitrary file reads in SSR deployments. The vulnerability affects all applications using the library with user-controlled language selection via query parameters, cookies, localStorage, or request headers-the default configuration. Vendor-released patch: version 3.0.5.
Path traversal and URL injection in i18next-http-backend prior to version 3.0.5 allows remote attackers to manipulate request URLs by injecting unsanitized language (lng) and namespace (ns) parameters, potentially leading to server-side request forgery (SSRF), path-based authorization bypass, or arbitrary file reads in SSR deployments. The vulnerability affects all applications using the library with user-controlled language selection via query parameters, cookies, localStorage, or request headers-the default configuration. Vendor-released patch: version 3.0.5.