2 matches found
Axios 安全漏洞
Axios is an open-source HTTP client developed by Axios. Versions prior to Axios 1.15.1 and 0.31.1 contain security vulnerabilities. These vulnerabilities stem from the XSRF token protection logic, which uses JavaScript truth/false value semantics instead of strict boolean comparisons. This leads ...
AZL-79064 CVE-2020-24553 affecting package golang 1.25.7-1
Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header...