Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner. This request has an Origin header that identifies the domain that is making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information when the Access-Control-Allow-Credentials is enabled.
The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Onetest_server | Hcltech | 10.0 (including) | 10.0 (including) |
| Onetest_server | Hcltech | 10.1 (including) | 10.1 (including) |
| Onetest_server | Hcltech | 10.2 (including) | 10.2 (including) |
If a cross-domain policy file includes domains that should not be trusted, such as when using wildcards under a high-level domain, then the application could be attacked by these untrusted domains. In many cases, the attack can be launched without the victim even being aware of it.