Open imhunterand opened 1 year ago
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
CVE-2020-28481 Severity Moderate GHSA-fxwf-4rqh-v8g3
Severity Moderate
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
CVE-2020-28481
Severity Moderate
GHSA-fxwf-4rqh-v8g3