Описание
An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
Уязвимые конфигурации
EPSS
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
An issue discovered in Axios 1.5.1 inadvertently reveals the confident ...
Axios Cross-Site Request Forgery Vulnerability
Уязвимость библиотеки axios, связанная с подделкой межсайтовых запросов, позволяющая нарушителю получить несанкционированный доступ к токену XSRF-TOKEN
EPSS
6.5 Medium
CVSS3