High-severity Server-Side Request Forgery (SSRF) vulnerability in @memberstack/dom NPM package
The @memberstack/dom package currently depends on axios versions 1.3.2 - 1.7.3, which contain a high-severity Server-Side Request Forgery (SSRF) vulnerability. This security issue was identified through npm audit.
Could you please update the axios dependency to a patched version to resolve this security concern? This will help protect all projects currently using @memberstack/dom.
Comments
2 comments
Thank you for letting us know! I will share this with the engineering team and get back ASAP.
Please sign in to leave a comment.