Skip to main content

React Devtools

1 CVEs product

Monthly

CVE-2023-5654 npm MEDIUM PATCH This Month

The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script that is accessible to any webpage that is active in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass React Devtools
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The React Developer Tools extension registers a message listener with window.addEventListener('message', <listener>) in a content script that is accessible to any webpage that is active in the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass React Devtools
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy