Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-origin resource sharing (CORS) in Hiberus Sintra
Vulnerability Description
Incorrect Cross-Origin Resource Sharing (CORS) configuration in Hiberus Sintra. Cross-Origin Resource Sharing (CORS) allows browsers to make cross-domain requests in a controlled manner. This request has an “Origin” header that identifies the domain making the initial request and defines the protocol between a browser and a server to see if the request is allowed. An attacker can exploit this and potentially perform privileged actions and access confidential information when Access-Control-Allow-Credentials is enabled.
CVSS Information
N/A
Vulnerability Type
过度许可的跨域白名单
Vulnerability Title
Hiberus Sintra 安全漏洞
Vulnerability Description
Hiberus Sintra是西班牙Hiberus公司的一个服务管理平台。 Hiberus Sintra存在安全漏洞,该漏洞源于跨资源共享配置不当,可能导致执行特权操作和访问机密信息。
CVSS Information
N/A
Vulnerability Type
N/A