Skip to content

Axios Cross-Site Request Forgery Vulnerability #3

Open
Open
Axios Cross-Site Request Forgery Vulnerability#3
@arthurducept

Description

@arthurducept
arthurducept
opened on Nov 26, 2025

npm audit report

axios <=0.30.1
Severity: high
Axios Cross-Site Request Forgery Vulnerability - GHSA-wf5p-g6vw-rhxx
axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL - GHSA-jr5f-v2jv-69x6
Axios is vulnerable to DoS attack through lack of data size check - GHSA-4hjh-wcwx-xvwj
No fix available
node_modules/axios
@mailpace/mailpace.js *
Depends on vulnerable versions of axios
node_modules/@mailpace/mailpace.js

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions