Vendor
Axios is vulnerable to a Prototype Pollution attack that can be escalated into a full Man-in-the-Middle (MITM) attack by injecting a malicious proxy configuration via `Object.prototype.proxy`, allowing attackers to intercept, read, and modify all HTTP traffic, including authentication credentials.