Lucene search
K

453 matches found

CVE
CVE
added 2026/06/22 9:4 p.m.12 views

CVE-2026-56697

Nuxt security note: Nuxt versions 4.0.0–4.4.6 and 3.x before 3.21.7 are affected by an open redirect in the reloadNuxtApp function. Protocol-relative paths like //evil.com pass the script-protocol check but resolve to a cross-origin URL against the current page protocol, enabling attackers to red...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/22 9:4 p.m.4 views

CVE-2026-56697

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-protocol check but resolve to a cross-origin URL against the current page protocol. Attackers can inject paths like //evil.com to redirect...

6.1CVSS5.9AI score0.00191EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/22 9:4 p.m.22 views

CVE-2026-56326 Nuxt - Server-Side Open Redirect via Path-Normalization Bypass in navigateTo

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to...

6.1CVSS0.00205EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/22 9:4 p.m.20 views

EUVD-2026-38375

Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-normalized payloads like /..//evil.com and /.//evil.com. Attackers can bypass external-host checks using path-normalization techniques to...

6.1CVSS5.9AI score0.00205EPSS
Exploits0References4
CVE
CVE
added 2026/06/22 9:4 p.m.14 views

CVE-2026-56326

Nuxt.js (versions 4.0.0–4.4.6 and 3.x up to 3.21.6) contains a server-side open redirect vulnerability in navigateTo due to improper validation of path-normalized payloads (e.g., /..//evil.com, /.//evil.com). Attackers can bypass external-host checks via path-normalization techniques to redirect ...

6.1CVSS5.9AI score0.00205EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.14 views

PT-2026-51417

Name of the Vulnerable Software and Affected Versions Nuxt versions 3.x prior to 3.21.7 Nuxt versions 4.0.0 through 4.4.6 Description Nuxt fails to validate script-capable URLs in the navigateTo open option, which allows for client-side script execution. When user-controlled input is passed to...

6.1CVSS6AI score0.00234EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51416

Name of the Vulnerable Software and Affected Versions Nuxt versions 3.x prior to 3.21.7 Nuxt versions 4.0.0 through 4.4.6 Description The reloadNuxtApp function accepts protocol-relative paths, such as //evil.com. These paths bypass the script-protocol check and resolve to a cross-origin URL base...

6.1CVSS5.8AI score0.00191EPSS
Exploits0References8
NVD
NVD
added 2026/06/20 4:17 p.m.14 views

CVE-2026-56317

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

6.1CVSS0.00209EPSS
Exploits0References4
CVE
CVE
added 2026/06/20 3:21 p.m.23 views

CVE-2026-56317

CVE-2026-56317 affects Nuxt before 4.4.7 and the 3.x branch before 3.21.7. The NoScript component writes slot content to innerHTML without escaping, enabling cross-site scripting via untrusted data in NoScript slots (e.g., route.query parameters). Impact is XSS in pages rendering NoScript content...

6.1CVSS5.7AI score0.00209EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/20 3:21 p.m.27 views

CVE-2026-56317 Nuxt - Cross-Site Scripting via NoScript Component Slot Content

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS0.00209EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/20 3:21 p.m.7 views

EUVD-2026-38112

Nuxt before 4.4.7 and the 3.x branch before 3.21.7 contains a cross-site scripting vulnerability in the NoScript component that writes slot content to innerHTML without escaping. Attackers can inject malicious scripts through untrusted data in NoScript slots, such as route.query parameters, which...

2.3CVSS5.7AI score0.00209EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.16 views

PT-2026-51143

Name of the Vulnerable Software and Affected Versions Nuxt versions prior to 4.4.7 Nuxt versions prior to 3.21.7 Description A cross-site scripting issue exists in the NoScript component, which writes slot content to innerHTML without proper escaping. This allows attackers to inject malicious...

6.1CVSS5.8AI score0.00209EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/16 11:39 p.m.10 views

EUVD-2026-36421

@nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent incomplete fix for GHSA-6m52-m754-pw2g...

5.9CVSS5.2AI score0.0028EPSS
Exploits1References6
OSV
OSV
added 2026/06/16 11:38 p.m.13 views

GHSA-M3Q2-P4FW-W38M Cross-site scripting via <NoScript> slot content in Nuxt's head components

Impact Nuxt's globally registered component from @unhead/vue head components, re-exported by Nuxt wrote its default-slot content to the innerHTML of the head tag, bypassing the HTML escaping that interpolation normally applies in Vue templates. Applications that placed untrusted,...

2.3CVSS5.3AI score0.00209EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/16 11:38 p.m.12 views

Cross-site Scripting (XSS)

Overview org.webjars.npm:nuxt is a Affected versions of this package are vulnerable to Cross-site Scripting XSS via the NoScript component when untrusted input is interpolated into its slot content. An attacker can inject malicious HTML or scripts by supplying specially crafted data that is...

6.1CVSS5.9AI score0.00209EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 1:49 p.m.12 views

EUVD-2026-36428

Nuxt: Reflected XSS in via unsanitised javascript: or data: URL...

5.4CVSS5.1AI score0.00198EPSS
Exploits0References4
OSV
OSV
added 2026/06/16 1:49 p.m.6 views

GHSA-534H-C3CW-V3H9 Nuxt dev server vite-node IPC socket is world-connectable on Linux

Impact When running nuxt dev on Linux Node.js 20+, outside Docker / StackBlitz, Nuxt's internal vite-node IPC server binds to a Linux abstract-namespace Unix socket \0nuxt-vite-node--.sock. Abstract sockets have no filesystem inode and therefore no permission bits: any local UID on the host that...

5.5CVSS5.4AI score0.00103EPSS
Exploits0References4
Snyk
Snyk
added 2026/06/16 1:49 p.m.13 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions via the module and resolve request types in the internal IPC server. An attacker can access sensitive files and secrets by connecting to the world-accessible abstract-namespace Unix socket and issuing craft...

6.8CVSS5.9AI score0.00103EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/16 1:47 p.m.12 views

NPM: Nuxt: URL-handling weaknesses in `navigateTo` and `reloadNuxtApp`: SSR open redirect, client-side script execution via the `open` option, and protocol-relative bypass in `reloadNuxtApp`

NPM: Nuxt: URL-handling weaknesses in navigateTo and reloadNuxtApp: SSR open redirect, client-side script execution via the open option, and protocol-relative bypass in reloadNuxtApp vulnerability discovered by ? in WordPress Npm nuxt versions 3.21.7...

6.1CVSS6AI score0.00205EPSS
Exploits0References10Affected Software1
Snyk
Snyk
added 2026/06/16 1:47 p.m.20 views

Open Redirect

Overview Affected versions of this package are vulnerable to Open Redirect via improper handling of URLs in the navigateTo function. An attacker can execute arbitrary scripts or redirect users to malicious sites by supplying crafted URLs that exploit path normalization and protocol-relative...

9.6CVSS6.1AI score0.00205EPSS
Exploits0References3
Rows per page
Query Builder