Vulnerability	Vulnerable Version
L HTTP Request Smuggling @nuxt/nitro-server is a Nitro server integration for Nuxt Affected versions of this package are vulnerable to HTTP Request Smuggling via the `__nuxt_island` endpoint when responses are not properly bound to request props, allowing shared-cache poisoning. An attacker can cause users to receive attacker-controlled HTML by priming a shared cache with crafted requests, potentially leading to script execution if unsafe HTML sinks are present in application-authored islands. Note: This is only exploitable if a shared intermediary cache (such as a CDN or reverse-proxy) keys `/__nuxt_island/*` requests on the path only, and if an island component passes untrusted props into an unsafe HTML sink. How to fix HTTP Request Smuggling? Upgrade `@nuxt/nitro-server` to version 3.21.6, 4.4.6 or higher.	>=3.20.0 <3.21.6>=4.2.0 <4.4.6

HTTP Request Smuggling

@nuxt/nitro-server is a Nitro server integration for Nuxt

Affected versions of this package are vulnerable to HTTP Request Smuggling via the __nuxt_island endpoint when responses are not properly bound to request props, allowing shared-cache poisoning. An attacker can cause users to receive attacker-controlled HTML by priming a shared cache with crafted requests, potentially leading to script execution if unsafe HTML sinks are present in application-authored islands.

Note: This is only exploitable if a shared intermediary cache (such as a CDN or reverse-proxy) keys /__nuxt_island/* requests on the path only, and if an island component passes untrusted props into an unsafe HTML sink.

How to fix HTTP Request Smuggling?

Upgrade @nuxt/nitro-server to version 3.21.6, 4.4.6 or higher.

>=3.20.0 <3.21.6>=4.2.0 <4.4.6

Go back to all versions of this package