TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-01-30T19:36:48.810Z

Updated: 2024-08-23T18:20:15.958Z

Reserved: 2024-01-25T15:09:40.208Z

Link: CVE-2024-24558

cve-icon Vulnrichment

Updated: 2024-08-01T23:19:52.904Z

cve-icon NVD

Status : Modified

Published: 2024-01-30T20:15:45.690

Modified: 2024-11-21T08:59:24.740

Link: CVE-2024-24558

cve-icon Redhat

No data.