CVE-2025-56648 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development ser…
Medium CVSS: 6.5

CVE-2025-56648

npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them.
Vendor
Parceljs
Product
Parcel
CWE
CWE-346
Yayın Tarihi
2025-09-17 19:15:46
Güncelleme
2026-01-26 17:16:11
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-346 Parcel MEDIUM Parceljs 2025

Referanslar

https://gist.github.com/R4356th/41f468def606b2406e36f7193f5322b8 https://github.com/parcel-bundler/parcel/commit/4bc56e3242a85491c7edf589966e9b44c6330c49 https://github.com/parcel-bundler/parcel/discussions/10089 https://github.com/parcel-bundler/parcel/issues/10216