Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in the request.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-12-06T00:00:00
Updated: 2024-08-03T01:27:54.547Z
Reserved: 2022-11-28T00:00:00
Link: CVE-2022-4147
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-12-06T19:15:10.613
Modified: 2024-11-21T07:34:40.077
Link: CVE-2022-4147
Redhat