openshift-ansible: cors allowed origin allows changing url protocol
A flaw was found in openshift-ansible. OpenShift Container Platform OCP 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perfo...