3 matches found
Open Redirect
Overview Affected versions of this package are vulnerable to Open Redirect via improper handling of URLs in the navigateTo function. An attacker can execute arbitrary scripts or redirect users to malicious sites by supplying crafted URLs that exploit path normalization and protocol-relative...
Authentication Bypass Using an Alternate Path or Channel
Overview Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the route middleware. An attacker can gain unauthorized access to server-rendered page content by directly requesting the /nuxtisland/page endpoint, bypassing authentication or...
HTTP Request Smuggling
Overview Affected versions of this package are vulnerable to HTTP Request Smuggling via the nuxtisland endpoint when responses are not properly bound to request props, allowing shared-cache poisoning. An attacker can cause users to receive attacker-controlled HTML by priming a shared cache with...