mssql-ssrs icon indicating copy to clipboard operation
mssql-ssrs copied to clipboard

Published 20 hours ago verified publisher icon vision10

Security Vulnerability due to Old Axios Dependency

Open noahdeering opened this issue 1 year ago • 1 comments

Dependabot has found a moderate-level issue with older versions of Axios:

An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.

Seeing as how mssql-ssrs requires Axios 0.27.2, it needs to be updated to require latest Axios.

noahdeering avatar Nov 29 '23 22:11 noahdeering

Any update on this please?

jackhollowaypls avatar Jan 27 '24 17:01 jackhollowaypls

updated all packages to lates

vision10 avatar Jul 26 '24 10:07 vision10