Play With Docker is a browser-based Docker playground. Versions 0.0.2 and prior are vulnerable to domain hijacking.Because CORS configuration was not correct, an attacker could use play-with-docker.com as an example and set the origin header in an http request as evil-play-with-docker.com. The doma...
6.5CVSS
6.3AI Score
0.002EPSS
Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape.
9.8CVSS
9.2AI Score
0.002EPSS