alt Hacker NewsThe CVE says the that flaw is in React Server Components, which implies strongly that this is a RCE on the backend (!!), not the client.
Replies
IceDane • today at 8:11 PM
Bravo.
padjo • today at 6:06 PM
Where else would it be? What would an RCE of the client even mean?
➕ show 2 replies
I suspect client developers are also affected at least to the extent that they need to explain this RCE to CVE driven management.