Vulnerability
Next.js is a server-rendered React framework with a simple approach.Next.js versions prior to 2.4.1 include a directory traversal bug. The / next and /static request namespaces are affected by this problem. An attacker can create a request that allows them to access potentially sensitive data in your filesystem.
Mitigation / Precaution
In order to patch this vulnerability, we suggest you update Nextjs to the latest version.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
