Vulnerability Report: GO-2024-2574

The CORS middleware allows for insecure configurations that could potentially expose the application to multiple CORS-related vulnerabilities. Specifically, it allows setting the Access-Control-Allow-Origin header to a wildcard ("*") while also having the Access-Control-Allow-Credentials set to true, which goes against recommended security best practices.

For detailed information about this vulnerability, visit https://github.com/gofiber/fiber/security/advisories/GHSA-fmg4-x8pw-hjhg.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL