提交 #489634: Mindskip xzs-mysql 3.9.0 CORS Misconfiguration信息

TitleMindskip xzs-mysql 3.9.0 CORS Misconfiguration
DescriptionMindskip xzs-mysql 3.9.0 has an overly permissive Cross-Origin Resource Sharing (CORS) configuration, allowing unauthorized cross-origin requests. This misconfiguration enables attackers to exploit a victim's authenticated session to access sensitive data or perform unauthorized actions by making requests from malicious origins.
Source⚠️ https://github.com/cydtseng/Vulnerability-Research/blob/main/xzs-mysql/OverlyPermissiveCORS-Multiple.md
User
 vastzero (UID 78767)
Submission2025-01-26 10時50分 (5 月前)
Moderation2025-02-06 15時26分 (11 days later)
Status已接受
VulDB Entry294859 [Mindskip xzs-mysql 学之思开源考试系统 3.9.0 CORS 权限升级]
Points18

上一步一览下一步

Might our Artificial Intelligence support you?

Check our Alexa App!