Description
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2007-4658)
WordPress Plugin Customer Service Software & Support Ticket System Cross-Site Scripting (5.10.3)
WordPress Plugin InfiniteWP Client Unspecified Vulnerability (1.3.14)
WordPress Plugin Lockdown WP Admin Unspecified Vulnerability (1.1.2)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5597)