Skip to content

victorgesicht/Inconsistent-CORS-enforcement-.NET

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
CORS-2.pdf
CORS-2.pdf
 
 
README.md
README.md
 
 
recreation.txt
recreation.txt
 
 
smugged.png
smugged.png
 
 

Repository files navigation

#CORS Misconfiguration Vulnerability Report

Overview

#Tools used: Burp Suite, Imgur, Overleaf,Request Minimizer ext. -burp

This repository documents a Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability identified during and independent security research. The vulnerability allows unauthorized cross-origin access to sensitive user data.

Status: No unauthorized access was performed and bug was submitted and patched

#Summary Issue Type: CORS Misconfiguration Impact: Unauthorized access to authenticated API responses Target: anonymized.com
Date Identified: 11th June 2025

About

This repository contains a sample bug report and POC for a CORS vuln. The goal is to demonstrate how improperly configured CORS can lead to serious security issues, including unauthorized data access and privilege escalation. The vulnerability has since been patched.

Topics

cybersecurity bugbounty cors-anywhere

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors