CVE-2026-33244 | remix-run react-router up to 7.13.1 HTML File createBrowserRouter/ HTML injection (GHSA-f22v-gfqf-p8f3)
A vulnerability, which was classified as problematic, has been found in remix-run react-router up to 7.13.1. Affected by this vulnerability is an unknown functionality of the file createBrowserRouter/ of the component HTML File Handler. This manipulation causes HTML injection.
This vulnerability is registered as CVE-2026-33244. Remote exploitation of the attack is possible. No exploit is available.
It is advisable to upgrade the affected component.VulDB Recent EntriesRead More