In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions.
[
{
"product": "Apache Kylin",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.6.6",
"status": "affected",
"version": "Apache Kylin 2",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "Apache Kylin 3",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.0.0",
"status": "affected",
"version": "Apache Kylin 4",
"versionType": "custom"
}
]
}
]