2 matches found
Client-Side Path Traversal
Nuxt is vulnerable to Client-Side Path Traversal. The vulnerability is due to improper validation of user-controlled data within the Island payload revival mechanism, which allows an attacker to craft malicious nuxtisland objects that manipulate client-side requests to arbitrary endpoints within...
CVE-2025-59414
Nuxt is an open-source web development framework for Vue.js. Prior to 3.19.0 and 4.1.0, A client-side path traversal vulnerability in Nuxt's Island payload revival mechanism allowed attackers to manipulate client-side requests to different endpoints within the same application domain when specifi...