CVE-2025-66202 | withastro up to 5.15.7 non-canonical url paths for authorization decisions (GHSA-ggxq-hp9w-j794)

A vulnerability was found in withastro astro up to 5.15.7 and classified as critical. Affected by this issue is some unknown functionality. The manipulation results in use of non-canonical url paths for authorization decisions.

This vulnerability is cataloged as CVE-2025-66202. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More