Exposure of Webpack
Miscellaneous13
exposure score
660,097
sites use
0
exploited
0
critical
CVEs
3 resultsCVE-2024-43788MEDIUMDOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)EPSS 0.9%CVE-2025-68157LOWwebpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirectsEPSS 0.2%CVE-2025-68458LOWwebpack buildHttp: allowedUris allow-list bypass via URL userinfo (@) leading to build-time SSRF behaviorEPSS 0.2%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →