The npm package "playwright-qase-reporter" is currently vulnerable to a moderate Cross-Site Request Forgery (CSRF) issue in the Axios library, as identified by the npm audit advisory GHSA-wf5p-g6vw-rhxx.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
The npm package "playwright-qase-reporter" is currently vulnerable to a moderate Cross-Site Request Forgery (CSRF) issue in the Axios library, as identified by the npm audit advisory GHSA-wf5p-g6vw-rhxx.
Vulnerability Details
Severity: Moderate Package: axios Patched Version: >=1.6.0 Dependency Chain: playwright-qase-reporter > qaseio > axios Advisory Link: GHSA-wf5p-g6vw-rhxx
Recommendation:
Update the Axios library in the "playwright-qase-reporter" npm package to version >=1.6.0 to mitigate the CSRF vulnerability.
Steps to Reproduce:
The vulnerability can be verified by running the npm audit command on the "playwright-qase-reporter" npm package.
Thanks