Qwik Vulnerabilities
Comprehensive security vulnerability database for Qwik products
3
1
3
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2023-2307 | 6.5 | This vulnerability allows an attacker to trick a user into performing unwanted actions on a website using the qwik framework, potentially compromising their account or data. It affects versions prior to 0.104.0 and requires the user to be logged in while visiting a malicious site. | qwikqwik | Exploit Available | almost 3 years agoApr 26, 2023 |
| CVE-2023-1283 | 9.8 | This vulnerability allows an attacker to inject malicious code into applications built with the qwik framework, potentially leading to unauthorized access or control over the affected systems. It affects versions prior to 0.21.0, so users running older versions are at risk if they haven't updated. | qwikqwik | Exploit Available | about 3 years agoMar 8, 2023 |
| CVE-2023-0410 | 6.1 | This vulnerability allows an attacker to inject malicious scripts into web pages viewed by users, potentially stealing sensitive information or performing actions on their behalf. It affects versions of the qwik product before 0.1.0-beta5, and an attacker would need to trick users into visiting a compromised page to exploit it. | qwikqwik | Exploit Available | about 3 years agoJan 20, 2023 |
About Qwik Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Qwik products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.