CVE-2026-53722 - Medium Severity Vulnerability
Vulnerable Library - nuxt-2.14.3.tgz
A minimalistic framework for server-rendered Vue.js applications (inspired by Next.js)
Library home page: https://registry.npmjs.org/nuxt/-/nuxt-2.14.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/nuxt/package.json
Dependency Hierarchy:
- ❌ nuxt-2.14.3.tgz (Vulnerable Library)
Found in HEAD commit: de1c2b0d1a23367b161c2d995029f9693bd8a155
Found in base branch: master
Vulnerability Details
Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, did not validate the URL scheme of values bound to its to or href props before rendering them into the href attribute of the underlying element. When an application binds attacker-controlled input (a query parameter, a CMS field, a user-supplied profile URL) to or :href, the attacker can supply a javascript: or vbscript: URL that is reflected verbatim into the rendered markup. Clicking the link executes the supplied script in the origin of the Nuxt application, resulting in reflected DOM-based cross-site scripting. A data:text/html,... payload reflected through the same sink does not execute in the application's origin but enables a same-tab phishing surface anchored to a legitimate application link. The same value was exposed to consumers of the component's custom slot via the href and route.href props, so applications that re-bind those values to their own anchors were affected identically. This issue has been patched in versions 3.21.7 and 4.4.7.
Publish Date: 2026-06-12
URL: CVE-2026-53722
CVSS 3 Score Details (5.4)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-934w-87qh-qr26
Release Date: 2026-06-12
Fix Resolution: 3.21.7
Step up your Open Source Security Game with Mend here
CVE-2026-53722 - Medium Severity Vulnerability
A minimalistic framework for server-rendered Vue.js applications (inspired by Next.js)
Library home page: https://registry.npmjs.org/nuxt/-/nuxt-2.14.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /node_modules/nuxt/package.json
Dependency Hierarchy:
Found in HEAD commit: de1c2b0d1a23367b161c2d995029f9693bd8a155
Found in base branch: master
Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, did not validate the URL scheme of values bound to its to or href props before rendering them into the href attribute of the underlying element. When an application binds attacker-controlled input (a query parameter, a CMS field, a user-supplied profile URL) to or :href, the attacker can supply a javascript: or vbscript: URL that is reflected verbatim into the rendered markup. Clicking the link executes the supplied script in the origin of the Nuxt application, resulting in reflected DOM-based cross-site scripting. A data:text/html,... payload reflected through the same sink does not execute in the application's origin but enables a same-tab phishing surface anchored to a legitimate application link. The same value was exposed to consumers of the component's custom slot via the href and route.href props, so applications that re-bind those values to their own anchors were affected identically. This issue has been patched in versions 3.21.7 and 4.4.7.
Publish Date: 2026-06-12
URL: CVE-2026-53722
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: GHSA-934w-87qh-qr26
Release Date: 2026-06-12
Fix Resolution: 3.21.7
Step up your Open Source Security Game with Mend here