tiny-csrf@1.0.3 vulnerabilities
Tiny CSRF library for use with ExpressJS
-
latest version
1.1.4
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
5 months ago
-
licenses detected
- >=1.0.1
Direct Vulnerabilities
Known vulnerabilities in the tiny-csrf package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
tiny-csrf is a tiny csrf library meant to replace csurf. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) in How to fix Cross-site Request Forgery (CSRF)? Upgrade |
<1.1.0
|