Impact
Astro, a web framework, has a flaw in which slot names are inserted unescaped into the data-astro-template attribute when a component uses a client:* directive. Because the slot name is not HTML-escaped, an attacker who controls it can inject arbitrary markup or script that executes during server-side rendering, resulting in a reflected cross-site scripting vulnerability. The flaw maps to CWE-80 and can compromise the confidentiality, integrity, and availability of the rendered page. The effect is not limited to a single user: any visitor to a page that renders a malicious slot name is affected.
Affected Systems
Any installation of Astro by withastro:astro running a version earlier than 6.3.3 is vulnerable. The issue existed in all releases before that patch, regardless of operating system or deployment method, because it is a framework-level bug in the rendering engine. Projects that render components with client:* directives are the ones exposed, since that is the path on which the unescaped slot name is emitted.
Risk and Exploitability
The CVSS base score of 7.1 classifies this as high severity. Because the vulnerability is reflected and requires neither privileged access nor prior compromise, an attacker could exploit it simply by controlling the slot name sent to the template. The EPSS score is currently unavailable, and the vulnerability is not yet listed in the CISA KEV catalog, but anyone able to influence slot names, for example by entering data into a user-controllable field, can trigger the vulnerability. The risk is elevated in environments that expose the rendering process to external input or that rely heavily on client-side directives.
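To make the mechanism described in the Impact and Risk sections concrete, the following is an added example and not Astro's own code: a simplified, hypothetical model of emitting a data-astro-template attribute from a slot name, first interpolated verbatim (the pattern the advisory describes) and then passed through an attribute-context escaper. The functions, the escaping routine and the constructed slot name are all assumptions made for illustration; the real fix is to upgrade to Astro 6.3.3 or later.

```javascript
// Added example (not Astro's code): a simplified model of rendering a
// <template data-astro-template="..."> element from a slot name.

// Escape the characters that matter inside a double-quoted HTML attribute.
// Hypothetical helper; Astro's own escaping is not reproduced here.
function escapeAttr(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Vulnerable pattern: the slot name is interpolated into the attribute as-is,
// so a quote or angle bracket in the name ends the attribute or the tag.
function renderTemplateUnsafe(slotName, inner) {
  return `<template data-astro-template="${slotName}">${inner}</template>`;
}

// Hardened pattern: the slot name is escaped for the attribute context, so the
// attribute value can never close the quote or open a new element.
function renderTemplateSafe(slotName, inner) {
  return `<template data-astro-template="${escapeAttr(slotName)}">${inner}</template>`;
}

// Crude detection check: count opening tags in the output. If a slot name is
// able to add tags, the attribute boundary has been broken.
function countOpeningTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

// Constructed slot name containing attribute-breaking characters; the injected
// markup is deliberately harmless bold text, used only to show the break-out.
const HOSTILE_SLOT = 'header"><b>injected</b><x data-a="';

// Render the same slot name both ways and report the tag counts.
function demo() {
  const inner = "<p>content</p>";
  const unsafe = renderTemplateUnsafe(HOSTILE_SLOT, inner);
  const safe = renderTemplateSafe(HOSTILE_SLOT, inner);
  return {
    unsafe,
    safe,
    unsafeTags: countOpeningTags(unsafe), // 4: template, b, x, p
    safeTags: countOpeningTags(safe),     // 2: template, p
  };
}

console.log(demo());
```

The unsafe rendering lets the slot name terminate the attribute and contribute its own elements, which is exactly the reflected injection the advisory describes; the escaped rendering keeps the entire name inside the attribute value, so the only tags in the output are the ones the framework intended to emit.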
OpenCVE Enrichment
GitHub GHSA