webpack-dev-server is vulnerable to Cross-site WebSocket hijacking. The vulnerability is due to improper Origin header validation, which permits IP address origins, allows attackers to hijack WebSocket connections and steal source code via malicious…Read More