CVE-2025-65019
📋 TL;DR
This vulnerability in Astro's Cloudflare adapter lets an attacker pass a data: URL containing an SVG to the image optimization endpoint (/_image); the endpoint serves that SVG from the site's own origin, so any script it carries executes there (Cross-Site Scripting). It affects Astro applications using the @astrojs/cloudflare adapter with output: 'server'. Because a data: URL has no hostname, the remote-image domain allowlist never applies to it, and the advisory reports that Content Security Policy protections are bypassed as well.
💻 Affected Systems
- Astro with @astrojs/cloudflare adapter
📦 What is this software?
Astro is an open-source web framework for building content-driven websites; @astrojs/cloudflare is its adapter for running server-rendered Astro sites (output: 'server') on Cloudflare Workers and Pages. The /_image endpoint is Astro's built-in image optimization route: it reads the source image reference from its href query parameter, transforms the image, and returns the result.
⚠️ Risk & Real-World Impact
Worst Case
Script execution in the application's origin for any user who opens an attacker-crafted /_image link: theft of non-HttpOnly cookies and browser storage, capture of credentials typed on the page, and requests made with the victim's session (account takeover on sites with no further protections). The payload travels in the URL, so this is reflected rather than stored XSS; it still reaches every victim who follows the link.
Likely Case
Session hijacking or cookie theft of users lured to a crafted link, plus injected content shown to those users (defacement visible only to the victim of each link).
If Mitigated
Limited impact if the endpoint already rejects everything except site-relative paths and http(s) URLs on allowed hosts (or is disabled) and session cookies are HttpOnly. Output encoding elsewhere in the application does not help: the endpoint itself, not a template, returns the attacker's SVG.
🎯 Exploit Status
No authentication is needed: the image optimization endpoint is reachable by any client, and the attacker only has to craft a link to /_image with a data: SVG in its query string and get a victim to open it (or embed it in a page the victim visits). This page cites no public proof of concept.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 5.15.9
Vendor Advisory: https://github.com/withastro/astro/security/advisories/GHSA-fvmw-cj7j-j39q
Restart Required: Yes (rebuild and redeploy; on Cloudflare Workers and Pages a fresh deployment replaces the running code, there is no long-lived server process to restart)
Instructions:
1. Update Astro to version 5.15.9 or later.
2. Update the @astrojs/cloudflare adapter to its latest version.
3. Rebuild the site and redeploy it to Cloudflare.
4. Verify the fix: a request to /_image whose href is a data: URL must be rejected instead of answered with the SVG.
🔧 Temporary Workarounds
Disable image optimization endpoint
Temporarily disable the /_image endpoint while patching, for example by blocking the /_image path at the Cloudflare edge (a WAF or route rule) or by turning off image optimization in the Astro configuration. Confirm afterwards that a request to /_image is refused.
Implement custom middleware validation
Add server-side validation that accepts only site-relative paths and http(s) URLs on your allowed image hosts and rejects everything else (data:, javascript:, blob:, protocol-relative //host) with a 4xx before the image service runs. Decode the parameter before checking it: a denylist that looks for the literal string data: is defeated by data%3A or DATA:.
Add this as Astro middleware (src/middleware.ts) so it runs on every request to /_image.
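The check described above, written out as an added example (this is not Astro's code and not the fix shipped in 5.15.9). It is a plain request handler so it runs under Node 18+ without Astro; in a real project the same functions would be called from src/middleware.ts inside Astro's defineMiddleware(), returning the 400 Response instead of calling next(). Assumptions: the endpoint reads the image source from the "href" query parameter, and ALLOWED_HOSTS is the set of remote image hosts you already permit.

```javascript
// Added example: allowlist guard for Astro's /_image endpoint (not project code).
// Assumes the image source arrives in the "href" query parameter and that
// ALLOWED_HOSTS mirrors the remote hosts your site already permits for images.

const ALLOWED_HOSTS = new Set(["cdn.example.com", "images.example.com"]);

// Percent-decode until the value stops changing (bounded), so that "data%3A"
// and the double-encoded "data%253A" both surface as "data:". A malformed
// sequence such as a lone "%" ends decoding instead of throwing.
function fullyDecode(value, maxRounds = 3) {
  let current = value;
  for (let round = 0; round < maxRounds; round++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch {
      break;
    }
    if (next === current) break;
    current = next;
  }
  return current;
}

// Allow only site-relative paths ("/img/a.png") and http(s) URLs whose host is
// on the allowlist. data:, javascript:, blob:, unknown hosts and the
// protocol-relative forms "//host" and "/\host" (a backslash is treated as a
// slash by URL parsers) all fail closed: this is an allowlist, not a
// "contains data:" denylist, so new scheme tricks are rejected too.
function isAllowedImageHref(rawHref, allowedHosts = ALLOWED_HOSTS) {
  if (typeof rawHref !== "string" || rawHref.length === 0) return false;
  // Drop ASCII control characters and spaces before classifying: URL parsers
  // tolerate "  data:" and "da\tta:", and the check must see the same scheme
  // the fetcher or browser would.
  const href = fullyDecode(rawHref).replace(/[\u0000-\u0020]/g, "");
  if (href.startsWith("/")) return !/^\/[\/\\]/.test(href);
  let parsed;
  try {
    parsed = new URL(href);
  } catch {
    return false; // relative-looking junk or otherwise unparsable input
  }
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") return false;
  return allowedHosts.has(parsed.hostname);
}

// Gate for /_image requests: returns a 400 Response to send instead of running
// the image service, or null when the request may proceed (including requests
// for any other path, which the guard ignores).
function guardImageRequest(request, allowedHosts = ALLOWED_HOSTS) {
  const url = new URL(request.url);
  if (url.pathname !== "/_image") return null;
  const href = url.searchParams.get("href");
  if (!isAllowedImageHref(href, allowedHosts)) {
    return new Response("Bad Request: image source not allowed", {
      status: 400,
      headers: { "content-type": "text/plain; charset=utf-8" },
    });
  }
  return null;
}

// Stand-alone demonstration on a constructed request (no network involved).
const demo = guardImageRequest(
  new Request("https://site.example/_image?href=data%3Aimage%2Fsvg%2Bxml%2C%3Csvg%3E&w=100"),
);
console.log(demo ? `blocked with HTTP ${demo.status}` : "allowed");
```

The guard decides on the decoded, whitespace-stripped value but never rewrites the request, so a legitimate path with an encoded space is still passed through untouched; only the classification sees the normalised form.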
🧯 If You Can't Patch
- Serve strict Content Security Policy headers to limit what an injected script can do; this page reports that the vulnerability bypasses CSP, so treat CSP as defence in depth rather than a fix
- Deploy a Web Application Firewall (WAF) rule that blocks requests to /_image whose query contains a data: URL; make sure the rule matches after URL decoding (or also matches data%3A and data%253A) and case-insensitively, otherwise encoded payloads pass through
🔍 How to Verify
Check if Vulnerable:
Check if your Astro application uses @astrojs/cloudflare adapter with output: 'server' and version is below 5.15.9.
Check Version:
npm list astro @astrojs/cloudflare
Verify Fix Applied:
After updating to version 5.15.9 or later, send a request to /_image whose href parameter is a percent-encoded data: URL carrying an SVG (for example data:image/svg+xml,<svg onload=alert(1)></svg>) and confirm it is rejected with a 4xx status rather than answered with HTTP 200 and Content-Type image/svg+xml echoing the payload.
📡 Detection & Monitoring
Log Indicators:
- Requests to /_image whose query string contains a data: URL, in plain (data:), percent-encoded (data%3A) or double-encoded (data%253A) form, in any letter case
- Application or WAF logs showing rejected requests to /_image once a mitigation is in place (a burst from one client suggests probing)
Network Indicators:
- HTTP requests to /_image whose href (or any other query parameter) carries a data: URL, especially with an image/svg+xml media type
SIEM Query:
source="web_server" AND uri_path="/_image" AND (uri_query="*data:*" OR uri_query="*data%3A*" OR uri_query="*data%253A*")
Field names vary by SIEM and the match must be case-insensitive; where the platform decodes the query string for you, match on the decoded value instead. Expect few or no hits in normal traffic, since legitimate image requests reference paths or http(s) URLs.
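The same detection logic run offline over access-log lines, as an added example that is not part of the advisory or of any SIEM product. The log entries are constructed for this example (combined log format); the parameter name href is assumed and used only for reporting, since every query value is inspected.

```javascript
// Added example: find /_image requests carrying a data: URL in web-server
// access logs, including percent-encoded and double-encoded forms that a
// literal "data:" search would miss. Sample lines are constructed.

const SAMPLE_ACCESS_LOG = [
  '203.0.113.7 - - [10/Dec/2025:10:00:01 +0000] "GET /_image?href=%2Fimages%2Flogo.png&w=200&f=webp HTTP/1.1" 200 5120',
  '203.0.113.7 - - [10/Dec/2025:10:00:05 +0000] "GET /_image?href=data%3Aimage%2Fsvg%2Bxml%2C%3Csvg+onload%3Dalert(1)%3E HTTP/1.1" 200 77',
  '198.51.100.2 - - [10/Dec/2025:10:00:09 +0000] "GET /_image?href=DATA%253Aimage%252Fsvg%252Bxml%252C%253Csvg%253E HTTP/1.1" 200 60',
  '198.51.100.2 - - [10/Dec/2025:10:00:12 +0000] "GET /about HTTP/1.1" 200 2048',
  '192.0.2.9 - - [10/Dec/2025:10:00:15 +0000] "GET /_image?href=https%3A%2F%2Fcdn.example.com%2Fa.png&w=640 HTTP/1.1" 200 4096',
];

// Request line inside a combined-format entry: "METHOD target HTTP/x.y".
const REQUEST_LINE = /"(?<method>[A-Z]+) (?<target>\S+) HTTP\/[\d.]+"/;

// Scheme of a query value after unwrapping up to three layers of percent
// encoding and skipping leading whitespace/control characters; null when the
// value has no scheme (a path, a number, a format name such as "webp").
function schemeOf(value) {
  let v = value;
  for (let round = 0; round < 3; round++) {
    try {
      const decoded = decodeURIComponent(v);
      if (decoded === v) break;
      v = decoded;
    } catch {
      break; // malformed escape: stop decoding, classify what we have
    }
  }
  const m = /^[\u0000-\u0020]*([a-z][a-z0-9+.-]*):/i.exec(v);
  return m ? m[1].toLowerCase() : null;
}

// One record per suspicious /_image request: line number, client address,
// method and the parameter that carried the data: URL.
function findDataUrlImageRequests(lines) {
  const hits = [];
  lines.forEach((line, index) => {
    const m = REQUEST_LINE.exec(line);
    if (!m) return;
    // Resolve against a placeholder origin only to get pathname/searchParams;
    // URLSearchParams removes the first encoding layer, schemeOf the rest.
    const url = new URL(m.groups.target, "http://log.invalid");
    if (url.pathname !== "/_image") return;
    for (const [name, value] of url.searchParams) {
      if (schemeOf(value) === "data") {
        hits.push({ line: index + 1, client: line.split(" ")[0], method: m.groups.method, param: name });
        break;
      }
    }
  });
  return hits;
}

for (const hit of findDataUrlImageRequests(SAMPLE_ACCESS_LOG)) {
  console.log(`line ${hit.line}: ${hit.client} ${hit.method} /_image ${hit.param}=data:...`);
}
```

Lines 2 and 3 of the sample are flagged (the second one only because the double-encoded DATA%253A is unwrapped before the scheme is read); the relative path and the https URL on lines 1 and 5 are not, which is the behaviour a SIEM rule should reproduce.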