4 matches found
Origin Validation Error
@parcel/reporter-dev-server is vulnerable to an Origin Validation Error. The vulnerability is due to the server failing to verify and enforce the Origin header for XMLHttpRequests. An attacker can host a malicious webpage that issues cross-origin XMLHttpRequests to a developer's running dev serve...
@adobe/aio-cli (>=7.0.0 <=8.3.0), @adobe/aio-cli-plugin-app (>=7.0.0 <=8.6.1) +31 more potentially affected by CVE-2025-56648 via @parcel/reporter-dev-server (>=2.0.0-beta.1 <=2.16.3)
@parcel/reporter-dev-server NPM version =2.0.0-beta.1, =7.0.0, =7.0.0, =1.0.0, =5.0.0, =2.3.0, =3.3.6, =2.1.0, =1.0.0-alpha.27, =2.0.0, =2.0.0, =0.0.2, =0.0.2, =2.0.0-beta.1, =2.13.4-canary.3389, =2.13.4-canary.3403 and more Source cves: CVE-2025-56648 Source advisory: OSV:GHSA-QM9P-F9J5-W83W...
@58860ed6ffd9e897/gold-finger-extension (=1.0.2), @ableaura/ableui (=0.1.0) +1496 more potentially affected by CVE-2025-56648 via @parcel/reporter-dev-server (>=2.0.0-beta.1 <=2.9.3)
@parcel/reporter-dev-server NPM version =2.0.0-beta.1, =5.1.9, =7.0.0, =8.3.0-pre.2022-06-22.sha-42703caf, =7.0.0, =0.1.0, =1.0.0, =5.0.0, =0.0.9, =0.0.1, =5.1.0, =5.2.5 and more Source cves: CVE-2025-56648 Source advisory: SNYK:JS-PARCELREPORTERDEVSERVER-12878606...
Origin Validation Error
Overview @parcel/reporter-dev-server is a Blazing fast, zero configuration web application bundler Affected versions of this package are vulnerable to Origin Validation Error via improper origin validation in the development server. An attacker can access source code by tricking a developer into...