Vite Arbitrary File Read vulnerability (CVE-2025-30208)
março 28, 2025
Overview Recently, NSFOCUS CERT detected that Vite issued a security announcement and fixed the arbitrary file reading vulnerability of Vite (CVE-2025-30208). Since the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs to obtain sensitive files outside the project root […]
