CNNVD-202511-2192 Information

CNNVD ID

CNNVD-202511-2192

Related CVE

CVE-2025-64764

• CNNVD Published: 2025-11-19

Description (Chinese)

Astro是Astro开源的一个内容驱动网站的 web 框架。 Astro 5.15.8之前版本存在安全漏洞，该漏洞源于服务器岛屿功能存在反射型跨站脚本漏洞，可能导致恶意代码执行。

Description (English)

Astro is the web framework for a content-driven site that is open to Astro. There was a security gap in the pre-Astro 5.15.8 version, which stemmed from the reflective cross-site script gap in server island functionality, which could lead to malicious code enforcement.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Astro

Published

2025-11-19

Last Modified

2026-02-24

References

https://github.com/withastro/astro/commit/790d9425f39bbbb462f1c27615781cd965009f91 https://github.com/withastro/astro/security/advisories/GHSA-wrwg-2hg8-v723

Patch

https://github.com/withastro/astro/releases