Skip to content

Insecure defaults due to CORS misconfiguration in socket.io

Moderate severity GitHub Reviewed Published Jan 20, 2021 • Updated Jan 29, 2021

Package

npm socket.io (npm)

Affected versions

< 2.4.0

Patched versions

2.4.0

Description

CVE ID

CVE-2020-28481