The package @isomorphic-git/cors-proxy prior to 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
isomorphic-git cors-proxy |