Wildcard Origin

Description

During the scan, Kayran detected a Wildcard Origin.
Cross-Origin Resource Sharing (CORS) is a mechanism that enables web browsers to perform cross-domain requests using the XMLHttpRequest API.
Each cross-origin request carries an Origin header that identifies the origin (scheme, host and port) that sent the request.
CORS defines the protocol used between a web browser and a server to determine whether a cross-origin request is allowed or not.

If a website’s CORS policy is misconfigured, for example by answering every request with Access-Control-Allow-Origin: *, it raises the potential for cross-domain attacks.

Severity/Score

CVSS Version 3.x – 3.1 Low

Recommendation

To prevent a Wildcard Origin, make sure that the server uses a whitelist of trusted origins. The server can then tell which Origin sent each request and decide whether to accept it or not.
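As an added example (not Kayran's code), the following shows the wildcard response this finding flags beside an exact-match whitelist handler, plus a small audit helper that spots the weak pattern in a response. The allowlist origins are constructed for the example.

```python
# Added example: whitelist-based CORS response headers vs. the wildcard pattern.
# ALLOWED_ORIGINS is a constructed allowlist; replace it with your own origins.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}

def weak_cors_headers(origin):
    """The misconfiguration this finding reports: every origin is accepted.
    Reflecting the caller's Origin unchecked is just as weak."""
    return {"Access-Control-Allow-Origin": "*"}

def cors_headers(origin, allowlist=ALLOWED_ORIGINS, with_credentials=False):
    """Return CORS headers for the request's Origin, or {} to deny it.

    Only an exact, case-insensitive match against the whitelist is accepted:
    no wildcard, no reflection, no prefix/suffix/substring tests (those can be
    matched by unrelated hostnames).
    """
    if not origin:
        return {}
    candidate = origin.strip().lower()
    if candidate == "null":  # opaque/sandboxed origins are never trusted
        return {}
    canonical = {o.lower(): o for o in allowlist}
    if candidate not in canonical:
        return {}
    headers = {
        "Access-Control-Allow-Origin": canonical[candidate],
        # Vary tells caches the answer depends on Origin, so one allowed
        # origin's response is never served to a different origin.
        "Vary": "Origin",
    }
    if with_credentials:
        headers["Access-Control-Allow-Credentials"] = "true"
    return headers

def audit_cors(response_headers, request_origin):
    """Detection side: list the weak patterns present in a response."""
    issues = []
    acao = response_headers.get("Access-Control-Allow-Origin")
    creds = response_headers.get("Access-Control-Allow-Credentials", "").lower()
    if acao == "*":
        issues.append("wildcard origin")
    elif acao and request_origin and acao.lower() == request_origin.lower() \
            and request_origin.lower() not in {o.lower() for o in ALLOWED_ORIGINS}:
        issues.append("reflected untrusted origin")
    if issues and creds == "true":
        issues.append("credentials allowed with weak origin policy")
    return issues
```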

References

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

https://cwe.mitre.org/data/definitions/284.html

https://cwe.mitre.org/data/definitions/346.html
