Server side request forgery in @isomorphic-git/cors-proxy
The package @isomorphic-git/cors-proxy is vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.
Advisories for Npm/@Isomorphic-Git/Cors-Proxy package
2022