TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-01-30T19:36:48.810Z
Updated: 2024-01-30T19:36:48.810Z
Reserved: 2024-01-25T15:09:40.208Z
Link: CVE-2024-24558
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-30T20:15:45.690
Modified: 2024-04-23T19:52:49.107
Link: CVE-2024-24558
JSON object: View
Redhat Information
No data.
CWE