Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Go
Published: 2022-12-27T21:13:00.461Z
Updated: 2024-08-05T21:45:25.986Z
Reserved: 2022-07-29T16:07:09.685Z
Link: CVE-2017-20146
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-12-27T22:15:11.070
Modified: 2023-01-06T16:26:16.767
Link: CVE-2017-20146
Redhat