Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.com' header and responding with 200 OK and a wildcard 'Access-Control-Allow-Origin: *' header.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Damstra Smart Asset 访问控制错误漏洞
Vulnerability Description
damstra smart asset(smart asset)是美国Smart Asset by Damstra的一个个人理财估算平台。该平台在用户提供一系列个人信息后可为用户提供最佳的理财策略。 Damstra Smart Asset 2020.7版本存在安全漏洞,该漏洞源于跨源资源共享信托起源随机接受任意的起源:example.com头和200 OK响应一个通配符Access-Control-Allow-Origin: *头。
CVSS Information
N/A
Vulnerability Type
N/A