Remote Code Execution (RCE)

Vitest is vulnerable to Remote Code Execution (RCE). The vulnerability is due to the WebSocket server not validating the Origin header and lacking an authorization mechanism, allowing an attacker to inject and execute arbitrary code via the saveTestFile and rerun…Read More