Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-64745

CVE-2025-64745: Astro Web Framework XSS Vulnerability

CVE-2025-64745 is a reflected cross-site scripting flaw in Astro's development server that allows attackers to inject malicious JavaScript through crafted URLs. This article covers technical details, affected versions, and mitigation.

Published:

CVE-2025-64745 Overview

Astro is a web framework used to build content-driven websites. A Reflected Cross-Site Scripting (XSS) vulnerability affects Astro's development server error pages when the trailingSlash configuration option is enabled. The flaw was introduced in version 5.2.0 and remediated in version 5.15.6. Attackers can inject arbitrary JavaScript that executes in the browser context of a developer visiting a crafted URL. The issue is limited to the development server and does not affect production builds, but it exposes developer environments to compromise through social engineering or malicious links.

Critical Impact

Attackers can execute arbitrary JavaScript in a developer's browser session by luring them to a crafted URL, potentially exposing local project files, credentials in environment variables, and other developer environment assets.

Affected Products

  • Astro framework versions 5.2.0 through 5.15.5
  • Node.js-based Astro development server (astro dev)
  • Projects configured with the trailingSlash option set to always or never

Discovery Timeline

  • 2025-11-13 - CVE CVE-2025-64745 published to NVD
  • 2026-06-17 - Last updated in NVD database

Technical Details for CVE-2025-64745

Vulnerability Analysis

The vulnerability is a Reflected Cross-Site Scripting flaw [CWE-79] in the Astro development server's 4xx error page template. When a request reaches a path that does not match the configured trailingSlash rule, the server generates an error page that includes a suggested corrected pathname. That pathname is derived directly from the request URL and rendered into HTML without proper output encoding. An attacker can craft a URL containing HTML or JavaScript payloads, and when a developer opens the malicious link, the payload executes in the browser origin of the local development server.

Root Cause

The root cause is missing HTML escaping in the 4xx.ts template used by the development server. The corrected value, computed by appendForwardSlash(pathname) or removeTrailingForwardSlash(pathname), was interpolated into the response HTML without sanitization. Because the pathname reflects attacker-controlled URL input, any script content survives into the rendered page.

Attack Vector

An attacker sends a crafted link to a developer running astro dev locally. When the developer clicks the URL, the development server serves an error page reflecting the malicious pathname, and the injected script executes in the browser context of localhost. User interaction is required. Scripts can read locally served source content, exfiltrate environment data reachable from the origin, or pivot to further browser-based attacks against the developer.

typescript
// Patch: packages/astro/src/template/4xx.ts
 pathname: string,
 trailingSlash: 'always' | 'never' | 'ignore',
 ) {
-	const corrected =
+	const corrected = escape(
 		trailingSlash === 'always'
 			? appendForwardSlash(pathname)
-			: removeTrailingForwardSlash(pathname);
+			: removeTrailingForwardSlash(pathname),
+	);
 	return template({
 		pathname,
 		statusCode: 404,

Source: GitHub Commit 790d9425. The fix wraps the corrected pathname with an escape() call to HTML-encode reserved characters before rendering.

Detection Methods for CVE-2025-64745

Indicators of Compromise

  • Requests to the local Astro dev server (localhost or 127.0.0.1) containing URL-encoded <script>, onerror=, or javascript: sequences in the path
  • Browser console entries showing script execution originating from a localhost dev server error page
  • Outbound network calls from a developer browser session to unfamiliar domains shortly after clicking an external link

Detection Strategies

  • Review Astro project package.json and lockfiles to identify installed Astro versions between 5.2.0 and 5.15.5
  • Inspect astro.config.mjs for a trailingSlash option set to always or never, which are the vulnerable configurations
  • Search developer proxy or browser history logs for suspicious query strings targeting local dev server ports (default 4321)

Monitoring Recommendations

  • Monitor endpoint telemetry on developer workstations for unexpected browser-initiated network connections following clicks on external links
  • Alert on npm dependency inventories reporting astro versions below 5.15.6
  • Track process activity spawned from browser contexts on developer machines to detect follow-on payload execution

How to Mitigate CVE-2025-64745

Immediate Actions Required

  • Upgrade Astro to version 5.15.6 or later across all developer environments and CI pipelines running astro dev
  • Audit projects using the trailingSlash configuration to confirm they are running a patched release
  • Instruct developers to avoid clicking untrusted links while the Astro dev server is running locally

Patch Information

The fix is delivered in Astro 5.15.6. The patch applies HTML escaping to the reflected pathname in packages/astro/src/template/4xx.ts. See the GitHub Security Advisory GHSA-w2vj-39qv-7vh7 and Pull Request #12994 for details.

Workarounds

  • Set trailingSlash to ignore in astro.config.mjs to bypass the vulnerable code path until upgrading
  • Restrict dev server binding to 127.0.0.1 only and avoid exposing it via tunnels or LAN interfaces
  • Run the dev server in an isolated browser profile that does not hold sensitive credentials or session cookies
bash
# Upgrade Astro to the fixed release
npm install astro@^5.15.6

# Verify installed version
npx astro --version

# Temporary mitigation in astro.config.mjs
# export default defineConfig({ trailingSlash: 'ignore' });

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.