TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-01-30T19:36:48.810Z
Updated: 2024-08-23T18:20:15.958Z
Reserved: 2024-01-25T15:09:40.208Z
Link: CVE-2024-24558
Vulnrichment
Updated: 2024-08-01T23:19:52.904Z
NVD
Status : Modified
Published: 2024-01-30T20:15:45.690
Modified: 2024-11-21T08:59:24.740
Link: CVE-2024-24558
Redhat
No data.