EPSS
Percentile
53.0%
Affected versions of socket.io are vulnerable to Insecure Defaults due to CORS Misconfiguration. All domains are whitelisted by default.
socket.io
Update to version 2.4.0 or later.