CVE-2024-42352HIGHCVSS 7.5fixed in 1.4.52024-08-05
CVE-2024-42352 [HIGH] CWE-918 CVE-2024-42352: Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_icon/[name]`. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and co
ghsanvdosv