Common Weakness Enumeration

CWE-942

Allowed

Permissive Cross-domain Security Policy with Untrusted Domains

Abstraction: Variant · Status: Incomplete

The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate.

177 vulnerabilities reference this CWE, most recent first.

CVE-2020-36851 (GCVE-0-2020-36851)

Vulnerability from cvelistv5 – Published: 2025-09-25 14:45 – Updated: 2026-06-23 16:13
VLAI
Title
Rob--W cors-anywhere Misconfigured CORS Proxy Allows SSRF
Summary
Rob--W cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets (SSRF). Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services, retrieve instance role credentials or other sensitive metadata, and interact with internal APIs and services that are not intended to be internet-facing. The vulnerability is exploitable by sending crafted requests to the proxy with the target resource encoded in the URL; many cors-anywhere deployments forward arbitrary methods and headers (including PUT), which can permit exploitation of IMDSv2 workflows as well as access to internal management APIs. Successful exploitation can result in theft of cloud credentials, unauthorized access to internal services, remote code execution or privilege escalation (depending on reachable backends), data exfiltration, and full compromise of cloud resources. Mitigation includes: restricting the proxy to trusted origins or authentication, whitelisting allowed target hosts, preventing access to link-local and internal IP ranges, removing support for unsafe HTTP methods/headers, enabling cloud provider mitigations, and deploying network-level protections.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
Impacted products
Vendor Product Version
Rob--W / cors-anywhere Rob--W / cors-anywhere Affected: 0 , ≤ 0.4.4 (semver)
Create a notification for this product.
Credits
CertiK's Pentesting Team Jonathan Leitschuh
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-36851",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-25T15:44:47.320455Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-25T15:48:32.729Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "modules": [
            "Proxy forwarding / request forwarding component"
          ],
          "packageName": "cors-anywhere",
          "packageURL": "pkg:github/Rob--W/cors-anywhere",
          "product": "Rob--W / cors-anywhere",
          "repo": "https://github.com/Rob--W/cors-anywhere",
          "vendor": "Rob--W / cors-anywhere",
          "versions": [
            {
              "lessThanOrEqual": "0.4.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "CertiK\u0027s Pentesting Team"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jonathan Leitschuh"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eRob--W cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets (SSRF). Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services, retrieve instance role credentials or other sensitive metadata, and interact with internal APIs and services that are not intended to be internet-facing. The vulnerability is exploitable by sending crafted requests to the proxy with the target resource encoded in the URL; many cors-anywhere deployments forward arbitrary methods and headers (including PUT), which can permit exploitation of IMDSv2 workflows as well as access to internal management APIs. Successful exploitation can result in theft of cloud credentials, unauthorized access to internal services, remote code execution or privilege escalation (depending on reachable backends), data exfiltration, and full compromise of cloud resources. Mitigation includes: restricting the proxy to trusted origins or authentication, whitelisting allowed target hosts, preventing access to link-local and internal IP ranges, removing support for unsafe HTTP methods/headers, enabling cloud provider mitigations, and deploying network-level protections.\u003c/p\u003e"
            }
          ],
          "value": "Rob--W cors-anywhere instances configured as an open proxy allow unauthenticated external users to induce the server to make HTTP requests to arbitrary targets (SSRF). Because the proxy forwards requests and headers, an attacker can reach internal-only endpoints and link-local metadata services, retrieve instance role credentials or other sensitive metadata, and interact with internal APIs and services that are not intended to be internet-facing. The vulnerability is exploitable by sending crafted requests to the proxy with the target resource encoded in the URL; many cors-anywhere deployments forward arbitrary methods and headers (including PUT), which can permit exploitation of IMDSv2 workflows as well as access to internal management APIs. Successful exploitation can result in theft of cloud credentials, unauthorized access to internal services, remote code execution or privilege escalation (depending on reachable backends), data exfiltration, and full compromise of cloud resources. Mitigation includes: restricting the proxy to trusted origins or authentication, whitelisting allowed target hosts, preventing access to link-local and internal IP ranges, removing support for unsafe HTTP methods/headers, enabling cloud provider mitigations, and deploying network-level protections."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-664",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-664 Server Side Request Forgery"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.5,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-942",
              "description": "CWE-942 Permissive Cross-domain Policy with Untrusted Domains",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-23T16:13:02.486Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/Rob--W/cors-anywhere/issues/152"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/Rob--W/cors-anywhere/issues/78"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://www.certik.com/resources/blog/cors-anywhere-dangers-of-misconfigured-third-party-software"
        },
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/rob-w-cors-anywhere-misconfigured-cors-proxy-allows-ssrf"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/SocketDev/security-research/security/advisories/GHSA-9wmg-93pw-fc3g"
        },
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://github.com/Rob--W/cors-anywhere/issues/521"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Rob--W cors-anywhere Misconfigured CORS Proxy Allows SSRF",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Mitigation includes: restricting the proxy to trusted origins or authentication, whitelisting allowed target hosts, preventing access to link-local and internal IP ranges, removing support for unsafe HTTP methods/headers, enabling cloud provider mitigations, and deploying network-level protections.\u003cbr\u003e"
            }
          ],
          "value": "Mitigation includes: restricting the proxy to trusted origins or authentication, whitelisting allowed target hosts, preventing access to link-local and internal IP ranges, removing support for unsafe HTTP methods/headers, enabling cloud provider mitigations, and deploying network-level protections."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2020-36851",
    "datePublished": "2025-09-25T14:45:38.599Z",
    "dateReserved": "2025-09-25T13:38:54.393Z",
    "dateUpdated": "2026-06-23T16:13:02.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2019-14860 (GCVE-0-2019-14860)

Vulnerability from cvelistv5 – Published: 2019-11-08 14:45 – Updated: 2024-08-05 00:26
VLAI
Summary
It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.
CWE
Assigner
References
URL Tags
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2019:3892 vendor-advisoryx_refsource_REDHAT
Impacted products
Vendor Product Version
[UNKNOWN] syndesis Affected: n/a
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:26:39.101Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14860"
          },
          {
            "name": "RHSA-2019:3892",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3892"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "syndesis",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-942",
              "description": "CWE-942",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-14T23:07:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14860"
        },
        {
          "name": "RHSA-2019:3892",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3892"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-14860",
    "datePublished": "2019-11-08T14:45:52.000Z",
    "dateReserved": "2019-08-10T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:26:39.101Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-22CJ-GF6G-GPGC

Vulnerability from github – Published: 2025-08-18 15:30 – Updated: 2025-08-18 15:30
VLAI
Details

IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-27909"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-697",
      "CWE-942"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-18T14:15:28Z",
    "severity": "MODERATE"
  },
  "details": "IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.",
  "id": "GHSA-22cj-gf6g-gpgc",
  "modified": "2025-08-18T15:30:32Z",
  "published": "2025-08-18T15:30:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27909"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7242354"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-254G-WCPQ-W26F

Vulnerability from github – Published: 2026-03-26 15:30 – Updated: 2026-03-26 15:30
VLAI
Details

HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability. CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker to exploit CORS misconfiguration, they could steal sensitive data, perform actions on behalf of a legitimate user.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-55274"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-942"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-26T13:16:27Z",
    "severity": "LOW"
  },
  "details": "HCL Aftermarket DPC is affected by Cross-Origin Resource Sharing vulnerability. CORS misconfigurations includes the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker to exploit CORS misconfiguration, they could steal sensitive data, perform actions on behalf of a legitimate user.",
  "id": "GHSA-254g-wcpq-w26f",
  "modified": "2026-03-26T15:30:39Z",
  "published": "2026-03-26T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55274"
    },
    {
      "type": "WEB",
      "url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0129793"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-26RC-MJ52-PCF5

Vulnerability from github – Published: 2024-08-28 12:30 – Updated: 2024-09-12 15:32
VLAI
Details

HyperView Geoportal Toolkit in versions though 8.2.4 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by the attacker and execute them in the user space. By manipulating this parameter it is also possible to enumerate some of the devices in Local Area Network in which the server resides.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6449"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-942"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-28T12:15:06Z",
    "severity": "MODERATE"
  },
  "details": "HyperView\u00a0Geoportal Toolkit in versions though\u00a08.2.4 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters.\nAn unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by the attacker and execute them in the user space.\nBy manipulating this parameter it is also possible to enumerate some of the devices in Local Area Network in which the server resides.",
  "id": "GHSA-26rc-mj52-pcf5",
  "modified": "2024-09-12T15:32:59Z",
  "published": "2024-08-28T12:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6449"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/en/posts/2024/08/CVE-2024-6449"
    },
    {
      "type": "WEB",
      "url": "https://cert.pl/posts/2024/08/CVE-2024-6449"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-2FW7-6F7R-FX94

Vulnerability from github – Published: 2026-01-28 21:31 – Updated: 2026-01-29 21:30
VLAI
Details

Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting (XSS).This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-13984"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-942"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-28T20:16:07Z",
    "severity": "MODERATE"
  },
  "details": "Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting (XSS).This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1.",
  "id": "GHSA-2fw7-6f7r-fx94",
  "modified": "2026-01-29T21:30:30Z",
  "published": "2026-01-28T21:31:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13984"
    },
    {
      "type": "WEB",
      "url": "https://www.drupal.org/sa-contrib-2025-122"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2P2X-HPG8-CQP2

Vulnerability from github – Published: 2026-02-09 17:18 – Updated: 2026-02-09 22:38
VLAI
Summary
Litestar's CORS origin allowlist has a bypass due to unescaped regex metacharacters in allowed origins
Details

Summary

CORS origin validation can be bypassed because the allowed-origins allowlist is compiled into a regex without escaping metacharacters (notably .). An allowed origin like https://good.example can match https://goodXexample, resulting in Access-Control-Allow-Origin being set for an untrusted origin

Details

CORSConfig.allowed_origins_regex is constructed using a regex built from configured allowlist values and used with fullmatch() for validation. Because metacharacters are not escaped, a malicious origin can match unexpectedly. The check relies on allowed_origins_regex.fullmatch(origin).

PoC

Server (poc_cors_server.py)

from litestar import Litestar, get
from litestar.config.cors import CORSConfig

@get("/c")
async def c() -> str:
    return "ok"

cors = CORSConfig(
    allow_origins=["https://good.example"],
    allow_credentials=True,
)
app = Litestar([c], cors_config=cors)

uvicorn poc_cors_server:app --host 127.0.0.1 --port 8002

Client (poc_cors_client.py)

import http.client

def req(origin: str) -> tuple[int, str | None]:
    c = http.client.HTTPConnection("127.0.0.1", 8002, timeout=3)
    c.request("GET", "/c", headers={"Origin": origin, "Host": "example.com"})
    r = c.getresponse()
    r.read()
    acao = r.getheader("Access-Control-Allow-Origin")
    c.close()
    return r.status, acao

print("evil:", req("https://evil.example"))
print("bypass:", req("https://goodXexample")) 

Expected (vulnerable behavior):

Origin: https://evil.example → no ACAO Origin: https://goodXexample → ACAO: https://goodxexample/ (bypass)

Impact

Type: CORS policy bypass (cross-origin data exposure risk) Who is impacted: apps using CORS allowlists to restrict browser cross-origin reads. If allow_credentials=True and authenticated endpoints return sensitive data, an attacker-controlled site can potentially read responses in a victim’s browser session.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "litestar"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.19.0"
            },
            {
              "fixed": "2.20.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.19.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2026-25478"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-942"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-02-09T17:18:52Z",
    "nvd_published_at": "2026-02-09T20:15:57Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nCORS origin validation can be bypassed because the allowed-origins allowlist is compiled into a regex without escaping metacharacters (notably .). An allowed origin like https://good.example can match https://goodXexample, resulting in Access-Control-Allow-Origin being set for an untrusted origin\n\n### Details\nCORSConfig.allowed_origins_regex is constructed using a regex built from configured allowlist values and used with fullmatch() for validation. Because metacharacters are not escaped, a malicious origin can match unexpectedly. The check relies on allowed_origins_regex.fullmatch(origin).\n\n### PoC\nServer (poc_cors_server.py)\n\n```\nfrom litestar import Litestar, get\nfrom litestar.config.cors import CORSConfig\n\n@get(\"/c\")\nasync def c() -\u003e str:\n    return \"ok\"\n\ncors = CORSConfig(\n    allow_origins=[\"https://good.example\"],\n    allow_credentials=True,\n)\napp = Litestar([c], cors_config=cors)\n```\n\n`uvicorn poc_cors_server:app --host 127.0.0.1 --port 8002`\n\nClient (poc_cors_client.py)\n\n```\nimport http.client\n\ndef req(origin: str) -\u003e tuple[int, str | None]:\n    c = http.client.HTTPConnection(\"127.0.0.1\", 8002, timeout=3)\n    c.request(\"GET\", \"/c\", headers={\"Origin\": origin, \"Host\": \"example.com\"})\n    r = c.getresponse()\n    r.read()\n    acao = r.getheader(\"Access-Control-Allow-Origin\")\n    c.close()\n    return r.status, acao\n\nprint(\"evil:\", req(\"https://evil.example\"))\nprint(\"bypass:\", req(\"https://goodXexample\")) \n```\n\nExpected (vulnerable behavior):\n\nOrigin: https://evil.example \u2192 no ACAO\nOrigin: https://goodXexample \u2192 ACAO: https://goodxexample/ (bypass)\n\n### Impact\nType: CORS policy bypass (cross-origin data exposure risk)\nWho is impacted: apps using CORS allowlists to restrict browser cross-origin reads. If allow_credentials=True and authenticated endpoints return sensitive data, an attacker-controlled site can potentially read responses in a victim\u2019s browser session.",
  "id": "GHSA-2p2x-hpg8-cqp2",
  "modified": "2026-02-09T22:38:05Z",
  "published": "2026-02-09T17:18:52Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/litestar-org/litestar/security/advisories/GHSA-2p2x-hpg8-cqp2"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25478"
    },
    {
      "type": "WEB",
      "url": "https://github.com/litestar-org/litestar/commit/eb87703b309efcc0d1b087dcb12784e76b003d5a"
    },
    {
      "type": "WEB",
      "url": "https://docs.litestar.dev/2/release-notes/changelog.html#2.20.0"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/litestar-org/litestar"
    },
    {
      "type": "WEB",
      "url": "https://github.com/litestar-org/litestar/releases/tag/v2.20.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Litestar\u0027s CORS origin allowlist has a bypass due to unescaped regex metacharacters in allowed origins"
}

GHSA-2R2P-4CGF-HV7H

Vulnerability from github – Published: 2026-04-22 14:52 – Updated: 2026-04-22 14:52
VLAI
Summary
engram: HTTP server CORS wildcard + auth-off-by-default enables CSRF graph exfiltration and persistent indirect prompt injection
Details

Summary

The local HTTP server started by engram server (binding 127.0.0.1:7337 by default) was exposed to any browser origin with no authentication unless ENGRAM_API_TOKEN was explicitly set. Combined with Access-Control-Allow-Origin: * on every response and a body parser that did not require Content-Type: application/json, this allowed a malicious web page the developer visited to:

  1. Exfiltrate the local knowledge graph via GET /query and GET /stats (function names, file layout, recorded decisions/mistakes).
  2. Inject persistent prompt-injection payloads via POST /learn, which wrote mistake/decision nodes that were later surfaced as system-reminders to the user's AI coding agent on every future session and file edit.

Severity: High — confidentiality + persistent indirect prompt injection against the user's coding agent.

Affected versions

engramx >= 1.0.0, < 2.0.2 — any version that shipped the HTTP server.

Patched in

engramx@2.0.2

Workarounds (if you cannot upgrade)

  • Do not run engram server or engram ui.
  • If developers must, set ENGRAM_API_TOKEN to a long random value and terminate the server before browsing the web.

Remediation (applied in 2.0.2)

  1. Fail-closed auth on every non-public route — Bearer header or HttpOnly cookie, constant-time comparison, 256-bit auto-generated token at ~/.engram/http-server.token (0600).
  2. Wildcard CORS removed entirely; default is no CORS headers. Opt-in allowlist via ENGRAM_ALLOWED_ORIGINS.
  3. Host + Origin validation — rejects DNS rebinding and Host spoofing.
  4. Content-Type: application/json enforced on mutations — blocks the text/plain CSRF vector.
  5. /ui?token= bootstrap with Sec-Fetch-Site gate — prevents cross-origin oracle probing.

Credit

Discovered and responsibly disclosed by @gabiudrescu in engram issue #7.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "engramx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-1188",
      "CWE-306",
      "CWE-352",
      "CWE-942"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-22T14:52:03Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Summary\n\nThe local HTTP server started by `engram server` (binding `127.0.0.1:7337` by default) was exposed to any browser origin with no authentication unless `ENGRAM_API_TOKEN` was explicitly set. Combined with `Access-Control-Allow-Origin: *` on every response and a body parser that did not require `Content-Type: application/json`, this allowed a malicious web page the developer visited to:\n\n1. **Exfiltrate** the local knowledge graph via `GET /query` and `GET /stats` (function names, file layout, recorded decisions/mistakes).\n2. **Inject persistent prompt-injection payloads** via `POST /learn`, which wrote `mistake`/`decision` nodes that were later surfaced as system-reminders to the user\u0027s AI coding agent on every future session and file edit.\n\nSeverity: **High** \u2014 confidentiality + persistent indirect prompt injection against the user\u0027s coding agent.\n\n### Affected versions\n\n`engramx` \u003e= 1.0.0, \u003c 2.0.2 \u2014 any version that shipped the HTTP server.\n\n### Patched in\n\n`engramx@2.0.2`\n\n### Workarounds (if you cannot upgrade)\n\n- Do **not** run `engram server` or `engram ui`.\n- If developers must, set `ENGRAM_API_TOKEN` to a long random value and terminate the server before browsing the web.\n\n### Remediation (applied in 2.0.2)\n\n1. Fail-closed auth on every non-public route \u2014 Bearer header or HttpOnly cookie, constant-time comparison, 256-bit auto-generated token at `~/.engram/http-server.token` (0600).\n2. Wildcard CORS removed entirely; default is no CORS headers. Opt-in allowlist via `ENGRAM_ALLOWED_ORIGINS`.\n3. Host + Origin validation \u2014 rejects DNS rebinding and Host spoofing.\n4. `Content-Type: application/json` enforced on mutations \u2014 blocks the text/plain CSRF vector.\n5. `/ui?token=` bootstrap with `Sec-Fetch-Site` gate \u2014 prevents cross-origin oracle probing.\n\n### Credit\n\nDiscovered and responsibly disclosed by @gabiudrescu in engram issue #7.",
  "id": "GHSA-2r2p-4cgf-hv7h",
  "modified": "2026-04-22T14:52:03Z",
  "published": "2026-04-22T14:52:03Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/NickCirv/engram/security/advisories/GHSA-2r2p-4cgf-hv7h"
    },
    {
      "type": "WEB",
      "url": "https://github.com/NickCirv/engram/issues/7"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/NickCirv/engram"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "engram: HTTP server CORS wildcard + auth-off-by-default enables CSRF graph exfiltration and persistent indirect prompt injection"
}

GHSA-2RCM-9PW5-QH2H

Vulnerability from github – Published: 2024-05-03 03:30 – Updated: 2024-05-03 03:30
VLAI
Details

Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

The specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-20539.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-38122"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-942"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-03T02:15:56Z",
    "severity": "HIGH"
  },
  "details": "Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the configuration of the web server. The issue results from the lack of appropriate Content Security Policy headers. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of SYSTEM. Was ZDI-CAN-20539.",
  "id": "GHSA-2rcm-9pw5-qh2h",
  "modified": "2024-05-03T03:30:55Z",
  "published": "2024-05-03T03:30:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-38122"
    },
    {
      "type": "WEB",
      "url": "https://inductiveautomation.com/blog/inductive-automation-participates-in-pwn2own-to-strengthen-ignition-security"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1013"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2WW8-F9RJ-2XG5

Vulnerability from github – Published: 2023-02-01 15:30 – Updated: 2023-02-08 21:30
VLAI
Details

Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23128"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-942"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-01T14:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS).",
  "id": "GHSA-2ww8-f9rj-2xg5",
  "modified": "2023-02-08T21:30:19Z",
  "published": "2023-02-01T15:30:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23128"
    },
    {
      "type": "WEB",
      "url": "https://github.com/l00neyhacker/CVE-2023-23128"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design Operation

Strategy: Attack Surface Reduction

Define a restrictive Content Security Policy [REF-1486] or cross-domain policy file.

Mitigation
Architecture and Design Operation

Strategy: Attack Surface Reduction

Avoid using wildcards in the CSP / cross-domain policy file. Any domain matching the wildcard expression will be implicitly trusted, and can perform two-way interaction with the target server.

Mitigation
Architecture and Design Operation

Strategy: Environment Hardening

For Flash, modify crossdomain.xml to use meta-policy options such as 'master-only' or 'none' to reduce the possibility of an attacker planting extraneous cross-domain policy files on a server.

No CAPEC attack patterns related to this CWE.