2 matches found
Exposed Dangerous Method or Function
Overview @nuxt/webpack-builder is a Webpack bundler for Nuxt Affected versions of this package are vulnerable to Exposed Dangerous Method or Function when using webpack or rspack builder and navigating to a malicious website. An attacker can inject a script tag to request a classic script, which ...
GHSA-4V9V-HFQ4-RM2V webpack-dev-server users' source code may be stolen when they access a malicious web site
Summary Source code may be stolen when you access a malicious web site. Details Because the request for classic script by a script tag is not subject to same origin policy, an attacker can inject in their site and run the script. Note that the attacker has to know the port and the output entrypoi...