parcel-bundler is vulnerable to information disclosure. The library does not validate the origin of the requests, allowing a malicious user to send a HMR (Hot Module Replacement) request to the application to gain access to the source code.
CPE | Name | Operator | Version |
---|---|---|---|
parcel-bundler | le | 1.10.0-beta.1 |