Bug 2477191 (CVE-2026-44581)
| Summary: | CVE-2026-44581 next.js: Next.js: Stored Cross-Site Scripting via malformed nonce values in cached responses | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security <prodsec-ir-bot> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | bbrownin, chfoley, eborisov, gotiwari, jgrulich, jhorak, kaycoth, lball, mvyas, ngough, rgodfrey, rhel-process-autobot, swoodman, tpopela, veshanka, watson-tool-maintainers |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Next.js. This vulnerability, a type of stored cross-site scripting (XSS), allows a remote attacker to inject malicious scripts into web pages. By manipulating nonce values derived from request headers, an attacker can poison cached responses, leading to arbitrary script execution in the browsers of subsequent visitors.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2484211, 2484213, 2484223, 2484215, 2484217, 2484219, 2484221 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2026-05-13 18:01:49 UTC
|