CVE-2025-64745 Astro development server error page vulnerable to reflected Cross-site Scripting

Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting XSS vulnerability exists in Astro's development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScript code that executes ...

CVE-2025-64745

CVE-2025-64745 affects Astro’s development server only. When trailingSlash is enabled, the dev 404 page can reflect an attacker-controlled pathname and inject arbitrary JavaScript, enabling a reflected XSS in the victim’s browser. Affected versions: 5.2.0 up to 5.15.5; fixed in 5.15.6. Impact is ...

CVE-2025-64745 Astro development server error page vulnerable to reflected Cross-site Scripting

Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting XSS vulnerability exists in Astro's development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScript code that executes ...

CVE-2025-64745 Astro development server error page vulnerable to reflected Cross-site Scripting

Astro is a web framework. Starting in version 5.2.0 and prior to version 5.15.6, a Reflected Cross-Site Scripting XSS vulnerability exists in Astro's development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScript code that executes ...

EUVD-2025-179299

Malicious code in development-webdriver-mocha-leda-bellatrix npm...

EUVD-2025-179277

Malicious code in dorado-development-troposphere-futurology npm...

EUVD-2025-179307

Malicious code in development-dependencies-cybernetics-cryptography npm...

EUVD-2025-179298

Malicious code in development-xerxes-dagda-repository npm...

EUVD-2025-178272

Malicious code in jovian-development-meissa-configstore npm...

EUVD-2025-177680

Malicious code in nebula-development-less-loader-achernar npm...

EUVD-2025-180091

Malicious code in betelgeuse-development-heliophysics-cordelia npm...

EUVD-2025-177224

Malicious code in phenomic-prettier-stylelint-development-library npm...

EUVD-2025-177119

Malicious code in pm2-development-postcss-callback npm...

EUVD-2025-178772

Malicious code in ganymede-publish-development-janus npm...

EUVD-2025-176722

Malicious code in relay-development-update-semantic-release npm...

EUVD-2025-179300

Malicious code in development-warp-geoarchaeology-odin npm...

EUVD-2025-179598

Malicious code in configstore-hermes-development-update npm...

EUVD-2025-177930

Malicious code in mdx-development-elara-stratosphere npm...

EUVD-2025-179301

Malicious code in development-rollup-pipe-koa npm...

EUVD-2025-175628

Malicious code in wavefunction-optimize-css-assets-webpack-plugin-development-ursa npm...