Access-Control-Allow-Origin header with wildcard (*) value - Vulnerability Database

Access-Control-Allow-Origin header with wildcard (*) value

Description

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources (e.g. fonts) on a web page to be requested from a domain other than the one the resource originated from. The Access-Control-Allow-Origin response header tells the browser which origins may read the response: its value is either a specific origin (normally the value of the request's Origin header, returned when that origin is trusted), the wildcard "*", or "null".

If a website responds with Access-Control-Allow-Origin: *, the requested resource may be read by every origin: any website can make XMLHttpRequest or fetch requests to the site and read the responses. Note that a browser will not expose a response to a credentialed request (one sent with cookies, an Authorization header or a client certificate) when the header value is *, because the wildcard cannot be combined with Access-Control-Allow-Credentials: true. The practical impact is therefore greatest for content that is sensitive but not protected by credentials, such as resources reachable only from an internal network or restricted by source IP address, which a malicious page can read through the victim's browser.

Remediation

Check whether Access-Control-Allow-Origin: * is appropriate for the resource/response. The wildcard is acceptable only for content that is genuinely public, such as static assets or an unauthenticated public API. If the response carries data that should be limited to particular origins, return the header only for an explicit allowlist of trusted origins (echoing the request's Origin value when it matches, together with Vary: Origin) instead of *, and never reflect an arbitrary Origin value.
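The following is an added example, not code from the original page or from Invicti. It models, in plain JavaScript, how a browser decides whether cross-origin script may read a response (the rule described under Description), and contrasts the wildcard configuration with an allowlist-based replacement (the approach described under Remediation). The origins in ALLOWED_ORIGINS and the header objects are constructed for illustration; the function names are this example's own.

```javascript
// Added example (not Invicti's code). Models the browser's CORS read check and
// shows a wildcard configuration beside an allowlist-based one.

// Case-insensitive header lookup over a plain {name: value} object.
function header(headers, name) {
  const key = Object.keys(headers).find(k => k.toLowerCase() === name.toLowerCase());
  return key === undefined ? undefined : headers[key];
}

// Browser-side rule (as specified by the Fetch standard's CORS check):
// - no Access-Control-Allow-Origin            -> response is blocked
// - "*"                                        -> readable, but only for requests
//                                                 sent without credentials
// - value equal to the request's Origin        -> readable; with credentials only
//                                                 if Access-Control-Allow-Credentials
//                                                 is exactly "true"
function corsReadAllowed(requestOrigin, responseHeaders, withCredentials) {
  const acao = header(responseHeaders, 'Access-Control-Allow-Origin');
  if (acao === undefined) return false;
  if (acao === '*') return !withCredentials;
  if (acao !== requestOrigin) return false;
  if (!withCredentials) return true;
  return header(responseHeaders, 'Access-Control-Allow-Credentials') === 'true';
}

// Weak configuration: the wildcard on every response. Any origin can read it.
function weakCorsHeaders() {
  return { 'Access-Control-Allow-Origin': '*' };
}

// Hardened configuration: echo the request Origin only when it is on an
// explicit allowlist (constructed list for this example; use your own).
// Never "*" and never a reflection of an arbitrary Origin. "Vary: Origin"
// prevents a shared cache from serving one origin's headers to another.
const ALLOWED_ORIGINS = new Set([
  'https://app.example.com',
  'https://admin.example.com',
]);

function hardenedCorsHeaders(requestOrigin, allowCredentials = false) {
  if (!ALLOWED_ORIGINS.has(requestOrigin)) {
    return { 'Vary': 'Origin' };            // untrusted origin: no ACAO at all
  }
  const h = { 'Access-Control-Allow-Origin': requestOrigin, 'Vary': 'Origin' };
  if (allowCredentials) h['Access-Control-Allow-Credentials'] = 'true';
  return h;
}

// Convenience check matching this finding: does the response use the wildcard?
function hasWildcardCors(responseHeaders) {
  return header(responseHeaders, 'Access-Control-Allow-Origin') === '*';
}

// Stand-alone demonstration.
if (typeof require !== 'undefined' && require.main === module) {
  const attacker = 'https://attacker.example';
  console.log('wildcard, no credentials :', corsReadAllowed(attacker, weakCorsHeaders(), false)); // true
  console.log('wildcard, with cookies   :', corsReadAllowed(attacker, weakCorsHeaders(), true));  // false
  console.log('allowlist, attacker      :', corsReadAllowed(attacker, hardenedCorsHeaders(attacker), false)); // false
}
```

The two results for the wildcard case are the point of the caveat above: a wildcard response is readable by any page as long as the request carries no credentials, so the finding matters most where sensitive content is served without cookie- or header-based authentication. The hardened variant sends no Access-Control-Allow-Origin at all for an origin that is not on the list, which is the safe default.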

Related Vulnerabilities