Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
VitejsVite

2 matches found

CVE
CVEadded 2024/09/17 8:15 p.m.224 views

CVE-2024-45812

Vite a frontend build tooling framework for javascript. Affected versions of vite were discovered to contain a DOM Clobbering vulnerability when building scripts to cjs/iife/umd output format. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptle...

6.4CVSS6.1AI score0.00079EPSS
CVE
CVEadded 2024/09/17 8:15 p.m.215 views

CVE-2024-45811

Vite a frontend build tooling framework for javascript. In affected versions the contents of arbitrary files can be returned to the browser. @fs denies access to files outside of Vite serving allow list. Adding ?import&raw to the URL bypasses this limitation and returns the file content if it exist...

4.8CVSS5AI score0.00047EPSS