Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
axios Origin Validation Error Vulnerability - CVE-2024-57965 - Vulnerability Database
axios

axios Origin Validation Error Vulnerability - CVE-2024-57965

Critical
Reference: CVE-2024-57965
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-57965
Title: axios Origin Validation Error Vulnerability
Overview:

In axios before 1.7.8 lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin and has a potentially unwanted setAttribute(39href39href) call. NOTE: some parties feel that the code change only addresses a warning message from a SAST tool and does not fix a vulnerability.