websafe-kb/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/report.html

<!doctype html>
<html><head><meta charset='utf-8'><title>websafe run report</title>
<style>body{font-family:ui-monospace,Menlo,monospace;margin:2rem;line-height:1.5;} code,pre{background:#f5f5f5;padding:.2rem .4rem;} .grid{display:grid;grid-template-columns:repeat(2,minmax(0,1fr));gap:1rem;} .card{border:1px solid #ddd;padding:1rem;border-radius:.5rem;}</style>
</head><body>
<h1>Run nextjs-nextjs--CVE-2025-29927-20260317063047</h1>
<div class='grid'>
<div class='card'><strong>Advisory</strong><br><code>nextjs--CVE-2025-29927</code></div>
<div class='card'><strong>Status</strong><br><code>triage-manual</code></div>
<div class='card'><strong>Profile</strong><br><code>authz-bypass-generic</code></div>
<div class='card'><strong>Artifact Mode</strong><br><code>official-source</code></div>
</div>
<h2>Mermaid Timeline</h2>
<pre>flowchart LR
A[&quot;Select Advisory&quot;] --&gt; B[&quot;Resolve Repro Profile&quot;]
B --&gt; C[&quot;Provision Compose Environment&quot;]
C --&gt; D[&quot;Baseline Snapshot&quot;]
D --&gt; E[&quot;Controlled Attack Steps&quot;]
E --&gt; F[&quot;Browser Replay&quot;]
F --&gt; G[&quot;Collect Logs and Evidence&quot;]
G --&gt; H[&quot;Update Registry and Reports&quot;]
H --&gt; I[&quot;Blocked: dry-run only&quot;]</pre>
<h2>Evidence</h2><ul>
<li><code>/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/attack.json</code></li>
<li><code>/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-29927-20260317063047/logs/baseline.json</code></li>
</ul>
</body></html>