An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
{ "binaries": [ { "binary_version": "0.19.0+dfsg-2", "binary_name": "node-axios" } ] }
{ "binaries": [ { "binary_version": "0.26.0+dfsg-1", "binary_name": "node-axios" } ] }
{ "binaries": [ { "binary_version": "1.6.8+dfsg-2", "binary_name": "node-axios" } ] }
{ "binaries": [ { "binary_version": "1.7.9+dfsg-1", "binary_name": "node-axios" } ] }