You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Updated undici, avoiding CVE-2023-45143. The potential impact of this security vulnerability should have been very low: when using the fetch-node backend and a cookie-based session type, an attacker with the ability to create an open redirect on the target API could potentially have obtained session cookies for the API. (I see no reason to expect an open redirect vulnerability to exist in the action API: I’m not aware of any API action that issues HTTP-level redirects at all.)
