Lucene search

K
cvelistMitreCVELIST:CVE-2023-45857
HistoryNov 08, 2023 - 12:00 a.m.

CVE-2023-45857

2023-11-0800:00:00
mitre
www.cve.org
axios
xsrf-token
cookies
http header
security issue
information disclosure

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%