Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information when the Access-Control-Allow-Credentials is enabled.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2022-06-07T17:50:17.986852Z
Updated: 2024-09-16T21:04:10.396Z
Reserved: 2021-02-26T00:00:00
Link: CVE-2021-27786
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-06-09T17:15:08.560
Modified: 2024-11-21T05:58:33.907
Link: CVE-2021-27786
Redhat
No data.