cookie tossing attackfastify-csrf
Users that used
fastify-csrf with the "double submit" mechanism using cookies with an application deployed across multiple subdomains, e.g. "heroku"-style platform as a service.
Upgrade to version 3.1.0 or later
Have content suggestions? Visit npmjs.com/support.
publishedAdvisory PublishedMay 17th, 2021
reportedReported by AnonymousMay 17th, 2021