axios Server-Side Request Forgery (SSRF) Vulnerability - CVE-2020-28168 - Vulnerability Database

axios Server-Side Request Forgery (SSRF) Vulnerability - CVE-2020-28168

Medium

Reference: CVE-2020-28168

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-28168

Title: axios Server-Side Request Forgery (SSRF) Vulnerability

Overview:

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.