typesense-docsearch.js icon indicating copy to clipboard operation
typesense-docsearch.js copied to clipboard

Published 20 hours ago verified publisher icon typesense

Bump typesense-js (CVE-2023-45857)

Open JasonWhall opened this issue 9 months ago • 0 comments

Description

CSRF vulnerability affecting axios versions < 1.6.0.

typesense-docsearch-react depends on "typesense": "^1.7.2" which includes a vulnerable version of axios.

Steps to reproduce

Related bug

Expected behavior

Update typesense-js to >=1.8.0

JasonWhall avatar May 13 '24 15:05 JasonWhall