A critical security issue has been identified in the Axios package for JavaScript, which poses significant risks to millions of servers due to server-side request forgery (SSRF) and credential leakage.
This vulnerability occurs when absolute URLs are used in Axios requests, even when a base URL is specified.
https://gbhackers.com/java-axios-package-vulnerability/