A vulnerability was found in remix-run react-router up to 7.13.1 and classified as problematic . The impacted element is an unknown function. Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-33245 . The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.