CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
Documentation
API Reference
Start Here
  • What is CodeAnt?
  • Join Community
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
    • Typescript
      • Angular
      • Aws-cdk
      • Lang
      • Nestjs
      • Nextjs
        • React-nextjs-router-create-element-dangerouslysetinnerhtml
        • React-nextjs-router-create-element-href
        • React-nextjs-router-dangerouslysetinnerhtml
        • React-nextjs-router-href
        • React-nextjs-router-push
          • React nextjs router push
        • React-nextjs-router-refs
      • React
      • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
React-nextjs-router-push

React nextjs router push

react-nextjs-router-push

Untrusted input could be used to tamper with a web page rendering, which can lead to a Cross-site scripting (XSS) vulnerability. XSS vulnerabilities occur when untrusted input executes malicious JavaScript code, leading to issues such as account compromise and sensitive information leakage. To prevent this vulnerability, validate URLs and their protocol before using them in your codebase.
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
OWASP:
- A07:2017 - Cross-Site Scripting (XSS)
- A03:2021 - Injection
React nextjs router hrefReact nextjs router refs
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.