CVE-2026-50146
Published 2026-06-22
Priority: P4 (27) | Severity: medium | CVSS 3.1 base score: 6.1
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.18% (7.5th percentile)
Astro is a web framework. Prior to 6.3.3, when a component uses a `client:*` directive, Astro inserts named slot content into a `data-astro-template` attribute without HTML-escaping the slot name. An attacker who controls a slot name can therefore break out of the attribute context and inject arbitrary HTML, resulting in reflected XSS during server-side rendering (SSR). As with any reflected XSS, an application is exposed only where the slot name is derived from request-controlled data. This vulnerability is fixed in 6.3.3.
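To make the attribute breakout concrete, the following TypeScript is an added example; it is not Astro's code and not taken from the advisory. `renderSlotsVulnerable`, `renderSlotsFixed`, `escapeAttr`, `countStartTags`, the `Slots` type and the constructed slot name `MALICIOUS_SLOT_NAME` are all assumptions standing in for the real render step, and the hardening shown (escaping the name like any other attribute value) is one plausible fix, not necessarily what 6.3.3 does.

```typescript
// Added example (not Astro's code): a stand-in for the slot-rendering step
// described in CVE-2026-50146. Names, types and the payload are assumptions.

type Slots = Record<string, string>;

// Minimal escaper for text placed inside a double-quoted HTML attribute value.
// '&' is replaced first so later replacements are not double-encoded.
function escapeAttr(value: string): string {
  return value
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Vulnerable shape: the slot name (the object key) is dropped straight into
// the attribute, so a double quote in the name ends the attribute value and
// the remainder of the name is parsed as markup by the browser.
function renderSlotsVulnerable(children: Slots): string {
  return Object.keys(children)
    .map((key) => `<template data-astro-template="${key}">${children[key]}</template>`)
    .join("");
}

// Hardened shape: the name is escaped like any other attribute value. The slot
// content is left as-is because the advisory treats it as already-rendered HTML.
function renderSlotsFixed(children: Slots): string {
  return Object.keys(children)
    .map((key) => `<template data-astro-template="${escapeAttr(key)}">${children[key]}</template>`)
    .join("");
}

// Crude check for rendered output: count start tags of a given element name.
// `</template>` does not match `<template\b`, so only start tags are counted.
function countStartTags(html: string, tagName: string): number {
  const re = new RegExp(`<${tagName}\\b`, "gi");
  return (html.match(re) ?? []).length;
}

// Constructed attacker-controlled slot name: closes the attribute and the
// <template> start tag, injects an element with an event handler, then opens a
// fresh attribute so the original closing quote is absorbed harmlessly.
const MALICIOUS_SLOT_NAME = 'x"><img src=x onerror=alert(1)><template data-astro-template="y';

const EXAMPLE_CHILDREN: Slots = {
  [MALICIOUS_SLOT_NAME]: "<p>harmless slot content</p>",
};

// Renders the constructed input through both shapes for side-by-side comparison.
function demo(): { vulnerable: string; fixed: string } {
  return {
    vulnerable: renderSlotsVulnerable(EXAMPLE_CHILDREN),
    fixed: renderSlotsFixed(EXAMPLE_CHILDREN),
  };
}
```

With one slot, the vulnerable output contains two `<template>` start tags and an `<img>` start tag, while the fixed output contains exactly one `<template>` and no `<img>`, because every `<`, `>` and `"` from the name has become an entity. `countStartTags` is only a test aid: real slot content may legitimately contain the same elements, so compare counts per slot against what the content itself contributes.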
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| astro | astro | < 6.3.3 | 6.3.3 |
| astro | astro | >= 0 < 6.3.3 | 6.3.3 |
| withastro | astro | < 6.3.3 | 6.3.3 |
VulDB
withastro up to 6.3.2 data-astro-template cross site scripting
vuldb · 2026-06-22 · CVSS 6.1 · severity MEDIUM
A vulnerability was found in withastro astro up to 6.3.2. It has been rated as problematic. The affected element is an unknown function. The manipulation of the argument data-astro-template leads to basic cross site scripting.
This vulnerability is referenced as CVE-2026-50146. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is advised.
GHSA
Astro: Reflected XSS via unescaped slot name
ghsa · 2026-06-16 · severity HIGH · CWE-79
Note that GHSA rates this HIGH while the CVSS 3.1 base score listed above is 6.1 (medium); the two sources disagree on severity.
## Summary
When a component uses a `client:*` directive, Astro inserts named slot content into a `data-astro-template` attribute without HTML-escaping the slot name, allowing an attacker to break out of the attribute context and inject arbitrary HTML, resulting in reflected XSS during SSR.
This is similar to GHSA-wrwg-2hg8-v723 but exploits a different injection point.
## Vulnerable Code
`packages/astro/src/runtime/server/render/component.ts:371:376`
```ts
// component.ts:371
`${children[key]}`
```
I found that `key` is interpolated directly into the attribute value without proper escaping.
## Proof of Concept
For the PoC, I set up a minimal repository with Astro 6.3.1 and Node.js v26.0.0.
**`astro.config.mjs`**
```js
import react from
```
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.