CORS Misconfigurations


During the scan, Kayran managed to find CORS Misconfigurations.
Cross-Origin Resource Sharing is a technology being used by websites to make web browsers use the Same Origin Policy, and, enabling cross-domain communication between different websites.

An attacker might exploit the misconfigured CORS in order to get any sensitive data related to users or even their session.


Use the Access-Control-Allow-Origin header to restrict which domains can create and send cross-origin requests to the web server.


< Return to all Vulnerabilities