Vite exposes content of non-allowed files using inline&import or raw import. Only apps explicitly exposing the Vite dev server to the network (using --host or server.host config option) are affected.
CVE Link
Exploit Platform
Exploit Type
Product Name