- Description
- Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a `Cache-Control: s-maxage=1, stale-while-revalidate` header which some upstream CDNs may cache as well. To be potentially affected all of the following must apply: 1. Next.js between 13.5.1 and 14.2.9, 2. Using pages router, & 3. Using non-dynamic server-side rendered routes e.g. `pages/dashboard.tsx` not `pages/blog/[slug].tsx`. This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not. There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-639
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
6
next.js, two reflected cookies in pageProps and a WAF single payload -> 403 split the payload in two -> 403 split + reverse their order -> 200 + stale elixir exploit (CVE-2024-46982) -> CP to SXSS https://t.co/R5qjA8nVO4
@zhero___
4 Feb 2025
14873 Impressions
18 Retweets
319 Likes
145 Bookmarks
9 Replies
0 Quotes
"The Stale Elixir": New Next.js cache poisoning research by @zhero___ drops! (CVE-2024-46982)☠️ Forces SSR (dynamic content) into cacheable SSG (static cacheable content), enabling XSS & DoS attacks. https://t.co/PePWoZL5p1 #bugbountytips #bugbounty #pentesting https://t.
@payloadartist
31 Jan 2025
2191 Impressions
9 Retweets
51 Likes
24 Bookmarks
0 Replies
0 Quotes
Una vulnerabilidad identificada como CVE-2024-46982 en Next.js expone a los sitios web a envenenamiento de caché y ataques de secuencias de comandos entre sitios (XSS) almacenados, lo que plantea riesgos tanto para los datos del usuario como para las aplicaciones. 🧉 https://t.c
@MarquisioX
23 Jan 2025
45 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
♣️Next.js, cache & chains : the stale elixir (CVE-2024-46982) 🌟Blog : https://t.co/RN7mDQtWDj https://t.co/4CmjUVLslh
@HackingTeam777
23 Jan 2025
185 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: the stale elixir https://t.co/UFndJxNYLI note: does not cover the latest findings shared in my recent posts enjoy reading; https://t.co/r
@zhero___
21 Jan 2025
27732 Impressions
152 Retweets
588 Likes
324 Bookmarks
32 Replies
7 Quotes