Server-Side Request Forgery in axios

[maiznadeem]

axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.

Package: axios (npm)
Affected versions: >= 1.3.2, <= 1.7.3
Patched version: 1.7.4

Please update the axios package in this repository.

[caineblood]

that is malware to steal your account; do not under any circumstances download or run it. The post needs to be removed. If you have attempted to run it please have your system cleaned and your account secured immediately.