2021-01-19 14:45:17
snyk
PUBLISHED
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.