CVE-2024-39338 | axios 1.7.2 Relative URL server-side request forgery

Inserito da Angelo Barbosa | Ago 9, 2024 | CVE

A vulnerability was found in axios 1.7.2 and classified as critical. Affected by this issue is some unknown functionality of the component Relative URL Handler. The manipulation leads to server-side request forgery.

This vulnerability is handled as CVE-2024-39338. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-39338 | axios 1.7.2 Relative URL server-side request forgery

Post correlati

CVE-2024-1729 | gradio prior 4.19.2 timing discrepancy

CVE-2023-40261 | Diebold Nixdorf Vynamic Security Suite Pre-Boot Authorization improper authorization

CVE-2023-50932 | Savignano SNotify up to 4.0.1 on Confluence Setting cross-site request forgery

CVE-2024-33589 | WPOmnia KB Support Plugin up to 1.6.0 on WordPress authorization