CVE-2025-59837 | withastro up to 5.13.9 href server-side request forgery (GHSA-qcpr-679q-rhm2)

A vulnerability has been found in withastro astro up to 5.13.9 and classified as critical. The affected element is an unknown function. The manipulation of the argument href leads to server-side request forgery.

This vulnerability is uniquely identified as CVE-2025-59837. The attack is possible to be carried out remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More