EPSS
Percentile
30.2%
nuxt is vulnerable to cross-site scripting (XSS) attacks. The library unsafely renders the stack trace within errors, which allows an attacker to inject and execute malicious JavaScript via a specifically crafted URL request.
github.com/advisories/GHSA-w9pr-59v3-7rgc
github.com/nuxt/framework/commit/253c8f7ee0c0c580c44dedbe9387646264e90a1e
huntr.dev/bounties/70ac720d-c932-4ed3-98b1-dd2cbcb90185
huntr.dev/bounties/70ac720d-c932-4ed3-98b1-dd2cbcb90185/