GHSA-W4GP-FJGQ-3Q4G Happy DOM's fetch credentials include uses page-origin cookies instead of target-origin cookies
Summary happy-dom may attach cookies from the current page origin window.location instead of the request target URL when fetch..., credentials: "include" is used. This can leak cookies from origin A to destination B. Details In packages/happy-dom/src/fetch/utilities/FetchRequestHeaderUtility.ts...