Skip to main content

Origin Validation Error


Severity High
Score 9.8/10


In, usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy. Versions prior to 1.3.0 are affected by this vulnerability.

  • LOW
  • HIGH
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-346 - Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

Advisory Timeline

  • Published