@svelte.dev on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

Svelte

svelte.dev

did:plc:b6gbde64ngpelprsvnphc2l2

We just published an advisory for CVE-2025-32388, a moderate severity XSS vulnerability in SvelteKit. Please update to `@sveltejs/kit@2.20.6`. The vulnerability affects applications that iterate over all search parameters inside a server `load` function. More details in the advisory 👇 https://github.com/sveltejs/kit/security/advisories/GHSA-6q87-84jw-cjhp

2025-04-14T18:03:52.185Z