- provided dist contains
.next
build folder .next
build folder contains encryption key for server actions in.next/cache/.rscinfo
- this means that you can decrypt/re-encrypt the data when creating a connection, bypassing the Zod validation
- this gives you XSS in the
DifficultyIndicator
component via prop spreading:
export default function DifficultyIndicator({ puzzle, className = "" }: DifficultyIndicatorProps) {
const { groups } = puzzle