Astro 跨站请求伪造漏洞

Astro is an Astro open source web framework for content-driven websites. A cross-site request forgery vulnerability exists in Astro version 4.16.16 and earlier, which stems from a flaw in the cross-site request forgery protection middleware that allows requests to bypass CSRF checks, leaving them...

PT-2024-32873 · Astro · Astro

Name of the Vulnerable Software and Affected Versions: Astro versions 3.0.0 through 4.16.0 Description: The Astro web framework has a DOM Clobbering gadget in the client-side router. This issue can lead to cross-site scripting XSS in websites that enable Astro's client-side routing and have store...

Astro 跨站脚本漏洞

Astro is an Astro open source web framework for content-driven websites. A cross-site scripting vulnerability exists in Astro versions 3.0.0 through 4.16.1 and earlier, which stems from not properly cleaning up the name attribute on a page...