Final Project Presentation – React2Shell Vulnerability (CVE-2025-55182)

In this presentation, I discuss the React2Shell vulnerability, a framework-level security issue affecting React Server Components and related packages. I explain what React Server Components are, how the vulnerability worked at a technical level, why it created a risk of remote code execution, which packages and frameworks were affected, and what lessons developers and organizations can learn from this incident.

The presentation also covers the timeline of disclosure, including the bug bounty report, React’s patching process, and the public disclosure of CVE-2025-55182. I conclude with practical recommendations such as tracking transitive dependencies, applying vendor-recommended patches, validating structured client input carefully, using least privilege, protecting secrets, and monitoring for suspicious behavior.

This video was created as part of my final project submission for the course.

Presented by:
Name: Md. Abu Taher Shekh
edX Username: Taher_CE24031
GitHub Username: muhammad-taher
Recorded on: 25 March, 2026

Topic: React2Shell Vulnerability
Incident Date: November–December 2025
CVE: CVE-2025-55182

Note: This video is uploaded as Unlisted for course submission purposes.