Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-28481
The package socket.io before 2.4.0 are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
Base Score