Server-Side Request Forgery in Axios NPM Package
CVE-2020-28168
5.9MEDIUM
What is CVE-2020-28168?
The Axios NPM package version 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability, allowing attackers to exploit the package by crafting a specific URL. This exploit enables them to bypass proxy configurations and access restricted hosts or IP addresses through redirect responses, posing significant security risks to systems utilizing this package.