`), it is possible to inject arbitrary HTML into the transformed output by supplying a malicious URL query string to `server.transformIndexHtml`. Only apps using `appType: 'custom'` and using the default Vite HTML middleware ar...","inLanguage":"en-US","mainEntityOfPage":{"@type":"WebPage","@id":"https://intel.enki-guard.com/vulnerability/CVE-2023-49293-vite-html-transformation-arbitrary-html-injection-via-malicious-url-query"},"url":"https://intel.enki-guard.com/vulnerability/CVE-2023-49293-vite-html-transformation-arbitrary-html-injection-via-malicious-url-query","identifier":"CVE-2023-49293","keywords":"CVE-2023-49293, CVE, vulnerability, security advisory, Medium severity","about":{"@type":"Thing","name":"CVE-2023-49293","identifier":"CVE-2023-49293"},"author":{"@type":"Organization","name":"AnKi Security OÜ","url":"https://anki-security.com"},"publisher":{"@type":"Organization","name":"Enki CVE Intelligence","url":"https://intel.enki-guard.com","logo":{"@type":"ImageObject","url":"https://intel.enki-guard.com/og/static/home.png"}},"datePublished":"2023-12-04T23:15:27+00:00","dateModified":"2024-11-21T08:33:12+00:00","image":"https://intel.enki-guard.com/og/cve/CVE-2023-49293.png"}