From 63833da95c144ef2970311a71c0f81c24914ff6f Mon Sep 17 00:00:00 2001
From: Nikhil Ashoka
Date: Mon, 25 Mar 2024 11:25:06 +0530
Subject: [PATCH] Upgraded Axios version

- Current Axios version was 0.21.4, this version has CSRF vulnerability. Referring to this issue: https://github.com/axios/axios/issues/6022, Axios contains a cross-site request forgery (CSRF) vulnerability due to insecure HTTP endpoint permission validation. An attacker could exploit this vulnerability by sending a crafted link to a victim to execute malicious actions on their behalf.
- v1.6.0 has fixed this problem, Upgraded the version to the same.
- Reference: https://github.com/axios/axios/pull/6028
Signed-off-by: Nikhil Ashoka
Change-Id: I43719d2dd4524ad1de647f7753a6c923762e1e80
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package.json b/package.json
index b0ee3401e..efdb8081a 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,7 @@
 "dependencies": {
 "@carbon/icons-vue": "10.28.0",
 "@novnc/novnc": "1.2.0",
- "axios": "0.21.4",
+ "axios": "1.6.0",
 "bootstrap": "4.6.0",
 "bootstrap-vue": "2.21.2",
 "core-js": "3.9.1",
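Review bot: The `"axios": "1.6.0",` line moves the pin from the 0.x series to 1.x, but the diffstat lists package.json as the only file changed, so if the repository commits a lockfile it is not updated here. Installs driven by that lockfile could then still resolve axios 0.21.4 or fail on the mismatch, which would leave the fix described in the commit message unshipped. Regenerate the lockfile and include it in the same commit. Because the bump crosses a major version, the code that configures axios (interceptors, error handling, the XSRF cookie/header names and `withCredentials`) presumably needs a retest; none of it is visible in this patch.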