Filtered by vendor Go Cors Project Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-20744 1 Go Cors Project 1 Go Cors 2024-08-05 N/A
The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems.