2 CVEs categorized as CWE-94 — Code Injection in Nuxt.
CVE-2024-34344HIGH2024
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Due to the insufficient validation of the `path` parameter in the NuxtTestComponentWrapper, an attacker can execute arbitrary JavaScript on the server side, which allows them to execute arbitrary…
CVE-2023-3224HIGH2023
Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3.