Submit #489634: Mindskip xzs-mysql 3.9.0 CORS Misconfigurationinfo

TitleMindskip xzs-mysql 3.9.0 CORS Misconfiguration
DescriptionMindskip xzs-mysql 3.9.0 has an overly permissive Cross-Origin Resource Sharing (CORS) configuration, allowing unauthorized cross-origin requests. This misconfiguration enables attackers to exploit a victim's authenticated session to access sensitive data or perform unauthorized actions by making requests from malicious origins.
Source⚠️ https://github.com/cydtseng/Vulnerability-Research/blob/main/xzs-mysql/OverlyPermissiveCORS-Multiple.md
User
 vastzero (UID 78767)
Submission01/26/2025 10:50 AM (4 months ago)
Moderation02/06/2025 03:26 PM (11 days later)
StatusAccepted
VulDB Entry294859 [Mindskip xzs-mysql 学之思开源考试系统 3.9.0 CORS cross-domain policy]
Points18

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!