GHSA-FMG4-X8PW-HJHG Fiber has Insecure CORS Configuration, Allowing Wildcard Origin with Credentials

The CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabilities. Specifically, it allows setting the Access-Control-Allow-Origin header to a wildcard "" while also having the Access-Control-Allow-Credentials set to true...

ipswitchXSS.txt

WhatsUp is a tool from Ipswitch to monitor application and network, embedding a custom web server on port 8022. Description: This custom web server is prone to multiple flaws. -as authenticated user: src disclosure http://server:8022/NmConsole/Login.asp. there are many XSS flaws, as...