npm package
react-devtools-core
pkg:npm/react-devtools-core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5654 | — | < 4.28.4 | 4.28.4 | Oct 19, 2023 | The React Developer Tools extension registers a message listener with window.addEventListener('message', ) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received mess |
- CVE-2023-5654Oct 19, 2023affected < 4.28.4fixed 4.28.4
The React Developer Tools extension registers a message listener with window.addEventListener('message', ) in a content script that is accessible to any webpage that is active in the browser. Within the listener is code that requests a URL derived from the received mess