Fastify is an open source web framework for Node.js from the OpenJS Foundation.Fastify A cross-site request forgery vulnerability exists in Fastify 3.0.0 and later, versions prior to 3.29.4, 4.0.0 and later, and versions prior to 4.10.2, which can be exploited to bypass checks by using the wrong Content-Type. The vulnerability can be exploited to launch cross-site request forgery attacks by using the wrong Content-Type to bypass checks and then bypass CORS protection.
CPE | Name | Operator | Version |
---|---|---|---|
fastify fastify >=3.0.0, | lt | 3.29.4 | |
fastify fastify >=4.0.0, | lt | 4.10.2 |