Cross-site Scripting (XSS)Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the navigateTo open option. An attacker can execute arbitrary scripts in the application's origin by supplying a crafted open parameter containing a script-capable URL.
How to fix Cross-site Scripting (XSS)? Upgrade nuxt to version 3.21.7, 4.4.7 or higher.
| <3.21.7>=4.0.0-alpha.1 <4.4.7 |
Open RedirectAffected versions of this package are vulnerable to Open Redirect via the reloadNuxtApp() function. An attacker can redirect users to attacker-controlled hosts by injecting protocol-relative paths such as //evil.com, potentially enabling phishing attacks or theft of OAuth authorization codes.
How to fix Open Redirect? Upgrade nuxt to version 3.21.7, 4.4.7 or higher.
| <3.21.7>=4.0.0-alpha.1 <4.4.7 |
Cross-site Scripting (XSS)Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the NoScript component when untrusted input is interpolated into its slot content. An attacker can inject malicious HTML or scripts by supplying specially crafted data that is rendered unescaped in the server-generated HTML, potentially leading to execution of arbitrary code in the user's browser.
How to fix Cross-site Scripting (XSS)? Upgrade nuxt to version 3.21.7, 4.4.7 or higher.
| <3.21.7>=4.0.0-alpha.1 <4.4.7 |
Open RedirectAffected versions of this package are vulnerable to Open Redirect via improper handling of URLs in the navigateTo function. An attacker can execute arbitrary scripts or redirect users to malicious sites by supplying crafted URLs that exploit path normalization and protocol-relative bypasses.
How to fix Open Redirect? Upgrade nuxt to version 3.21.7, 4.4.7 or higher.
| <3.21.7>=4.0.0-alpha.1 <4.4.7 |
Cross-site Scripting (XSS)Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the NuxtLink href when attacker-controlled input is bound to the to or href properties. An attacker can execute arbitrary scripts in the context of the application by supplying a crafted javascript: or data: URL, which is reflected into the rendered markup and executed when a user clicks the link. This also exposes a phishing surface by allowing data URLs to be reflected through the same sink, enabling deceptive links anchored to legitimate application content.
How to fix Cross-site Scripting (XSS)? Upgrade nuxt to version 3.21.7, 4.4.7 or higher.
| |
Cross-site Scripting (XSS)Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper handling of URL inputs in the navigateTo function. An attacker can execute arbitrary script code by inserting specially crafted payloads into the URL that bypass the protocol checks.
Note
This is only exploitable if server-side rendering (SSR) has occurred; the javascript: protocol within a location header does not trigger XSS.
How to fix Cross-site Scripting (XSS)? Upgrade nuxt to version 3.12.4 or higher.
| |