| tiêu đề | freeebird hotel 1.2 branch Permissive Cross-domain Policy with Untrusted Domains |
|---|
| Mô tả | The server’s CORS implementation reflects the client-supplied Origin header verbatim into Access-Control-Allow-Origin without any whitelist validation, while also enabling Access-Control-Allow-Credentials: true. This allows any malicious origin to make authenticated cross-origin requests and read sensitive responses.
Project Link: https://github.com/freeebird/hotel
Affected Version: 1.2 branch
Affected API: apis start with http://localhost:8080/ho-api such as http://localhost:8080/ho-api/user/profile
Code Location: /src/main/java/cn/mafangui/hotel/tool/SessionInterceptor.java:35 |
|---|
| Nguồn | ⚠️ https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250429-01.md |
|---|
| Người dùng | ShenxiuSecurity (UID 84374) |
|---|
| Đệ trình | 29/04/2025 15:08 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 10/05/2025 15:48 (11 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 308288 [Freeebird Hotel 酒店管理系统 API đến 1.2 SessionInterceptor.java nâng cao đặc quyền] |
|---|
| điểm | 20 |
|---|