2026-02-23 00:00:00
mitre
PUBLISHED
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting rejectUnauthorized: false in the HTTPS agent configuration for Axios requests