Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.
{
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "1.3.0"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
],
"cpe": "cpe:2.3:a:gorillatoolkit:handlers:*:*:*:*:*:go:*:*"
}