Filtered by vendor Go Cors Project Subscriptions
Filtered by product Go Cors Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-20744 1 Go Cors Project 1 Go Cors 2024-11-21 N/A
The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems.