CVE-2026-22029

HIGH8.0EPSS 0.02%

React Router vulnerable to XSS via Open Redirects

發布日:2026/1/8修改日:2026/2/3

描述

React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in [Framework Mode](https://reactrouter.com/start/modes#framework), [Data Mode](https://reactrouter.com/start/modes#data), or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if developers are creating redirect paths from untrusted content or via an open redirect. > [!NOTE] > This does not impact applications that use [Declarative Mode](https://reactrouter.com/start/modes#declarative) (`<BrowserRouter>`).

受影響套件(2)

npm/react-router>= 7.0.0, < 7.12.0
npm/@remix-run/routerfrom 0, < 1.23.2

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH8.0	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-22029
PATCHhttps://github.com/remix-run/react-router
WEBhttps://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx