In the React2Shell exploitation, we can abuse a deserialization vulnerability in React Server Components to smuggle attacker-controlled strings into Reactβs internal module loader.
We will be releasing a comprehensive write-up about the lessons in secure programming that can be learnt from this.
Coming soon!
Top comments (0)