
Cloud Vulnerability DB
A community-led vulnerabilities database
The vulnerability (CVE-2023-46729) affects the Next.js SDK of sentry-javascript from version 7.26.0 up to, but not including, 7.77.0. Unsanitized input in the Next.js SDK tunnel endpoint allows an attacker to make the server send HTTP requests to arbitrary URLs and reflect the response back to the user. Only users who have enabled the Next.js SDK tunneling feature are affected (Sentry Advisory).
The vulnerability is classified as a Server-Side Request Forgery (SSRF) issue with a CVSS v3.1 base score of 9.3 (Critical). The attack vector is Network (AV:N) with Low attack complexity (AC:L); it requires no privileges (PR:N) but does require user interaction (UI:R). The scope is Changed (S:C), with High impact on Confidentiality and Integrity (C:H, I:H) and no impact on Availability (A:N) (NVD).
The vulnerability could enable several attack vectors: client-side issues such as XSS/CSRF in the context of the trusted domain, interaction with the internal network, unauthorized access to cloud metadata endpoints (AWS, Azure, Google Cloud, etc.), and local or remote port scanning (Sentry Advisory).
The vulnerability has been patched in version 7.77.0 of the sentry-javascript Next.js SDK. Users unable to update immediately can work around it by disabling tunneling: remove the tunnelRoute option from the Sentry Next.js SDK config in next.config.js or next.config.mjs (Sentry Advisory).
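As an added illustration (not Sentry's code and not the fix shipped in 7.77.0), the following shows the check a tunnel endpoint needs so that it cannot be turned into an open proxy: the DSN carried in the envelope header is parsed, and its scheme, host, port and project id are compared against an allowlist before any upstream request is built. The ingest hostname and project id are constructed values.

```javascript
// Added example: allowlist the forwarding target of a Sentry-style tunnel endpoint.
// Envelope layout (Sentry's documented format): the first line is a JSON header
// carrying the project DSN; the remaining lines are item headers and payloads.

const ALLOWED_SENTRY_HOSTS = new Set(["o123.ingest.sentry.io"]); // constructed value
const ALLOWED_PROJECT_IDS = new Set(["4567"]);                   // constructed value

// Parse the DSN out of the envelope header; null if the header is malformed.
function parseEnvelopeDsn(envelope) {
  const firstLine = envelope.split("\n")[0];
  let header;
  try {
    header = JSON.parse(firstLine);
  } catch {
    return null;
  }
  if (!header || typeof header.dsn !== "string") return null;
  try {
    return new URL(header.dsn);
  } catch {
    return null;
  }
}

// Return the upstream ingest URL to forward to, or null if the envelope
// must be rejected. The target is rebuilt from allowlisted parts only, so
// nothing attacker-controlled reaches the outgoing request URL.
function resolveTunnelTarget(envelope) {
  const dsn = parseEnvelopeDsn(envelope);
  if (!dsn) return null;
  if (dsn.protocol !== "https:") return null;               // no plain http, no other schemes
  if (dsn.port !== "") return null;                          // reject non-default ports
  if (!ALLOWED_SENTRY_HOSTS.has(dsn.hostname)) return null;  // reject internal hosts, metadata IPs, ...
  const projectId = dsn.pathname.replace(/^\/+/, "");
  if (!ALLOWED_PROJECT_IDS.has(projectId)) return null;
  return `https://${dsn.hostname}/api/${projectId}/envelope/`;
}

// Constructed sample envelopes for a quick self-check.
const goodEnvelope =
  '{"dsn":"https://publickey@o123.ingest.sentry.io/4567"}\n{"type":"event"}\n{}';
const internalHostEnvelope =
  '{"dsn":"http://internal.example/4567"}\n{"type":"event"}\n{}';
const wrongProjectEnvelope =
  '{"dsn":"https://publickey@o123.ingest.sentry.io/9999"}\n{"type":"event"}\n{}';
```

With these inputs the first envelope resolves to the ingest URL and the other two are rejected, which is the behaviour a tunnel handler should have before it issues any request.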
Source: This report was generated using AI