Home / Vulnerability Database / Visual Basic 6 : Unsafe cross-origin resource sharing (CORS) policy

Visual Basic 6

Visual Basic 6 : Unsafe cross-origin resource sharing (CORS) policy

Classification

OWASP Top 10 2013

A5-Security Misconfiguration

OWASP Top 10 2017

A5-Broken Access Control A6-Security Misconfiguration

OWASP Top 10 2021

A1-Broken Access Control A5-Security Misconfiguration A4-Insecure Design A8-Software and Data Integrity Failures

OWASP ASVS

Configuration Configuration

CWE

CWE-183 CWE-345 CWE-346 CWE-451 CWE-942 CWE-1031

Overview

Unsafe CORS configuration may lead to the data being compromised.

CORS (Cross Origin Resource Policy) is a mechanism defined in the HTML5 standard that enables JavaScript-code to work with data from another domain. CORS parameters must be defined in the HTTP header Access-Control-Allow-Origin.

CORS parameter defined not precisely enough may lead to the application data being compromised.

References

MEDIUM

Visual Basic 6 : Unsafe cross-origin resource sharing (CORS) policy

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Visual Basic 6 : Unsafe cross-origin resource sharing (CORS) policy in your application?

See also

Visual Basic 6 : Weak seed of random number generator

Visual Basic 6 : Error bad handling

Visual Basic 6 : Unsafe padding