I got an email from Vercel urging to upgrade Next.js based project 3 days ago. POC was published 2 days ago. Today I’ve checked my logs and I could already see attack attempts.
You must log in or # to comment.
Yeah been scrambling to get this one patched.
This only affects sites that use the fancy new-fangled SSR rendering from what I’ve read. ReactJS (Client side) sites wouldn’t be affected.
deleted by creator
We were very lucky that our usage was on the literal version before the affected version. Dodged a bullet.
deleted by creator
