Cross Origin Resource Sharing (CORS)

Many modern websites use CORS to allow access from subdomains and trusted third parties. Their implementation of CORS may contain mistakes or be overly lenient to ensure that everything works, and this can result in exploitable vulnerabilities.

Resources

of-CORS: identifying and exploiting CORS misconfigurationsPenetration Testing

What is CORS (cross-origin resource sharing)? Tutorial & Examples | Web Security AcademyWebSecAcademy

PreviousClickjacking NextCross Site Request Forgery (CSRF)

Last updated 6 months ago