React Router Flaw Exposes Web Apps to Cache Poisoning & WAF Bypass Attacks
Posted: Sat Apr 05, 2025 12:38 pm
A critical security vulnerability, CVE-2025-31137, has been identified in React Router, a popular library used by millions of developers for managing routing in React applications.
Security researchers from zhero_web_security discovered this flaw, which affects both React Router 7 and Remix 2 frameworks when using the Express adapter. It could potentially expose web applications to cache poisoning and web application firewall (WAF) bypass attacks.
https://cybersecuritynews.com/react-rou ... -web-apps/
Security researchers from zhero_web_security discovered this flaw, which affects both React Router 7 and Remix 2 frameworks when using the Express adapter. It could potentially expose web applications to cache poisoning and web application firewall (WAF) bypass attacks.
https://cybersecuritynews.com/react-rou ... -web-apps/