CVE-2026-45669
5.4 MEDIUM
Nuxt is an open-source web development framework for Vue.js
Published: 2026-06-12 · Last updated: 2026-06-15
Severity and scoring
- CVSS: 5.4 MEDIUM
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
- CWE: CWE-83
Affected products
| Vendor | Product |
|---|---|
| nuxt | nuxt |
Description
Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, navigateTo() with external: true generates a server-side HTML redirect body containing a <meta http-equiv="refresh"> tag. The destination URL is only sanitized by replacing " with %22, leaving <, >, &, and ' unencoded. An attacker who can influence the URL passed to navigateTo(url, { external: true }) can break out of the content="…" attribute and inject arbitrary HTML/JavaScript that executes under the application's origin. This issue has been patched in versions 3.21.6 and 4.4.6.
Source: NVD
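The gap between the quote-only replacement described above and context-appropriate attribute encoding, as an added example (not Nuxt's code or its actual patch). All function names are hypothetical and the sample URL is constructed.

```javascript
// Added example; names are hypothetical, not Nuxt internals.

// The encoding the description reports: only the double quote is replaced.
function quoteOnlyEncode(url) {
  return url.replace(/"/g, '%22');
}

// Encoding suited to an HTML attribute value: every HTML-significant character.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtmlAttr(value) {
  return value.replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Parse the destination and allowlist its scheme before it reaches a template.
function safeRedirectTarget(input, allowedProtocols = ['http:', 'https:']) {
  let parsed;
  try {
    parsed = new URL(input); // rejects relative and malformed input
  } catch {
    return null;
  }
  return allowedProtocols.includes(parsed.protocol) ? parsed.href : null;
}

// Build the redirect body only from a validated, attribute-escaped target.
function renderRedirectBody(input) {
  const target = safeRedirectTarget(input);
  if (target === null) return null;
  return '<!DOCTYPE html><html><head><meta http-equiv="refresh" ' +
    `content="0; url=${escapeHtmlAttr(target)}"></head></html>`;
}

// Audit helper: which HTML-significant characters are still raw in a value?
// An ampersand counts only when it does not start one of the entities above.
function unescapedSpecials(encoded) {
  const hits = encoded.match(/[<>"']|&(?!(?:amp|lt|gt|quot|#39);)/g) || [];
  return [...new Set(hits)];
}

// Constructed sample input (benign) containing every character in question.
const SAMPLE = `https://example.com/next?label=<b>Tom's</b>&ref="home"`;

console.log('quote-only leaves raw:', unescapedSpecials(quoteOnlyEncode(SAMPLE)));
console.log('attr-escaped leaves raw:', unescapedSpecials(escapeHtmlAttr(SAMPLE)));
console.log(renderRedirectBody(SAMPLE));
```

`unescapedSpecials` can be reused as a regression check in a unit test around any code that writes a URL into an HTML attribute.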
Related CVEs
Same vendor
- CVE-2026-53722 — Nuxt is an open-source web development framework for Vue.js (5.4 MEDIUM)
- CVE-2026-53721 — Nuxt is an open-source web development framework for Vue.js (8.2 HIGH)
- CVE-2026-49993 — Nuxt is an open-source web development framework for Vue.js (5.7 MEDIUM)
- CVE-2026-47200 — Nuxt is an open-source web development framework for Vue.js (5.3 MEDIUM)
- CVE-2026-46342 — Nuxt is an open-source web development framework for Vue.js (5.4 MEDIUM)
Same CWE
- CVE-2026-53841 — OpenClaw before 2026.5.12 contains a cross-site scripting vulnerability in exported session HTML that preserves unsafe javascript: and da... (6.1 MEDIUM)
- CVE-2026-53722 — Nuxt is an open-source web development framework for Vue.js (5.4 MEDIUM)
- CVE-2026-8245 — Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection (5.4 MEDIUM)