VYPR
Moderate severityNVD Advisory· Published Nov 8, 2023· Updated Sep 4, 2024

CVE-2023-45857

CVE-2023-45857

Description

An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
axiosnpm
>= 1.0.0, < 1.6.01.6.0
axiosnpm
>= 0.8.1, < 0.28.00.28.0

Affected products

49

Patches

Vulnerability mechanics

References

13

News mentions

0

No linked articles in our index yet.