CVE-2025-64764 Overview
CVE-2025-64764 is a reflected Cross-Site Scripting (XSS) vulnerability in Astro, a popular web framework for building content-driven websites. The flaw affects applications that use the server islands feature, allowing attackers to inject malicious script content into responses regardless of what the component template intended to render. The issue stems from unescaped pathname values being reflected in error page templates. Astro released version 5.15.8 to address the vulnerability.
Critical Impact
Attackers can execute arbitrary JavaScript in a victim's browser context by luring them to a crafted URL, enabling session theft, credential harvesting, and unauthorized actions on the target application.
Affected Products
- Astro framework versions prior to 5.15.8
- Node.js-based Astro deployments using the server islands feature
- Applications relying on Astro's built-in 4xx error page templates
Discovery Timeline
- 2025-11-19 - CVE-2025-64764 published to NVD
- 2026-06-17 - Last updated in NVD database
Technical Details for CVE-2025-64764
Vulnerability Analysis
The vulnerability resides in Astro's 4xx error template handling at packages/astro/src/template/4xx.ts. When the server islands feature is enabled, the framework reflects the incoming request pathname into the rendered HTML response without applying HTML entity escaping. An attacker can craft a URL containing HTML or JavaScript payloads in the path segment, which the server then embeds directly into the error page body.
Because the reflection happens at the framework level, the vulnerability applies regardless of the sanitization practices implemented in individual component templates. This makes the issue latent across all Astro applications with server islands enabled, not only those with insecure component code. This vulnerability is classified under CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page.
Root Cause
The corrected pathname variable, derived from appendForwardSlash or removeTrailingForwardSlash, was passed into the template output without HTML escaping. User-controllable request path data therefore reached the response body as raw markup.
Attack Vector
Exploitation requires the attacker to deliver a malicious URL to a victim, typically through phishing, malicious links, or an embedded iframe. When the victim loads the URL, the Astro server renders an error page that includes the attacker-supplied script, executing it in the origin's security context. User interaction is required, and the impact is limited to actions available to the victim's browser session.
// Patch from packages/astro/src/template/4xx.ts
// Source: https://github.com/withastro/astro/commit/790d9425f39bbbb462f1c27615781cd965009f91
pathname: string,
trailingSlash: 'always' | 'never' | 'ignore',
) {
- const corrected =
+ const corrected = escape(
trailingSlash === 'always'
? appendForwardSlash(pathname)
- : removeTrailingForwardSlash(pathname);
+ : removeTrailingForwardSlash(pathname),
+ );
return template({
pathname,
statusCode: 404,
The patch wraps the pathname in an escape() call to HTML-encode special characters before rendering.
Detection Methods for CVE-2025-64764
Indicators of Compromise
- Web server access logs containing URL paths with HTML tags such as <script>, <img, or onerror= sequences
- Requests to non-existent routes producing 404 responses with unusually long or encoded path segments
- Referrer headers pointing to attacker-controlled domains preceding suspicious path requests
- Client-side JavaScript errors reported by users after clicking third-party links
Detection Strategies
- Inspect Astro deployment package.json and lockfiles to identify installations of astro prior to version 5.15.8
- Deploy Web Application Firewall (WAF) rules that flag script-like payloads in URL paths
- Enable Content Security Policy (CSP) reporting to capture inline script violations triggered by injected payloads
- Correlate 4xx error responses containing reflected user input across HTTP access logs
Monitoring Recommendations
- Monitor outbound traffic from user sessions for unexpected requests to unknown domains, which may indicate exfiltration by injected scripts
- Track CSP violation reports for script-src breaches originating from application error pages
- Alert on repeated 404 requests with encoded characters (%3C, %3E, %22) in the path from a single source
How to Mitigate CVE-2025-64764
Immediate Actions Required
- Upgrade Astro to version 5.15.8 or later across all environments using npm install astro@latest or the equivalent package manager command
- Audit application dependencies for transitive Astro installations pinned to vulnerable versions
- Review server logs for prior exploitation attempts referencing scripts in URL paths
Patch Information
The fix is available in Astro 5.15.8 and merged in commit 790d9425f39bbbb462f1c27615781cd965009f91. Full details are published in the GitHub Security Advisory GHSA-wrwg-2hg8-v723 and the upstream commit.
Workarounds
- Disable the server islands feature until upgrading to a patched version is possible
- Deploy a strict Content Security Policy that forbids inline script execution to limit the impact of reflected payloads
- Configure a WAF or reverse proxy to reject request paths containing HTML control characters such as <, >, and "
# Upgrade Astro to the patched release
npm install astro@5.15.8
# Verify the installed version
npx astro --version
# Example CSP header to mitigate reflected XSS impact
# Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

