Parse-url is vulnerable to Authorization Bypass. The parseUrl function is unable to detect the correct host, leading to open redirect or server side request forgery causing information disclosure.
CPE | Name | Operator | Version |
---|---|---|---|
parse-path | le | 4.0.4 | |
parse-path | le | 4.0.4 |