Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information when the Access-Control-Allow-Credentials is enabled.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2022-06-07T17:50:17.986852Z

Updated: 2024-09-16T21:04:10.396Z

Reserved: 2021-02-26T00:00:00

Link: CVE-2021-27786

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-06-09T17:15:08.560

Modified: 2024-11-21T05:58:33.907

Link: CVE-2021-27786

cve-icon Redhat

No data.