security:react_2_shell [Wiki.Quizz.vn]

security:react_2_shell

Table of Contents

Critical Security Vulnerability in React Server Components
Impact
Required Action
References

Critical Security Vulnerability in React Server Components

@channel

You may have already heard about the serious security issue called React2Shell.

Quick summary:

Attackers can execute code from the client into the server (SSR)
No authentication required
Severity level: 10/10 (critical)

This vulnerability comes from:

Server Side Rendering (SSR)
in React Server Components (Next.js)

Impact

Your project may be affected if it:

Uses React Server Components
Has SSR enabled
OR even installed but SSR is not enabled

THERE IS STILL RISK OF EXPLOITATION

Please review your projects carefully.

Required Action

If your project uses the above features:

Update to the latest patched version immediately
Follow the official security instructions

References

Vulnerability report: https://react2shell.com/
Action required: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components

security/react_2_shell.txt · Last modified: 2026/02/17 22:56 by phong2018