3 matches found
CVE-2021-27786
Cross-origin resource sharing CORS enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An...
CVE-2021-27786
CVE-2021-27786 affects HCL Technologies OneTest Server (versions 10.0, 10.1, 10.2). The root cause is a misconfigured HTML5 CORS policy that lacks origin restrictions, allowing requests from arbitrary origins when Access-Control-Allow-Credentials is enabled. Impact stated in sources includes pote...
CVE-2021-27786 HCL OneTest Server is vulnerable to Cross Origin Resource Sharing: Arbitrary Origin Trusted
Cross-origin resource sharing CORS enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An...