About Cross-Origin Resource Sharing
Cross-Origin Resource Sharing (CORS) vulnerabilities occur when web applications implement CORS policies incorrectly, allowing unauthorized cross-origin requests and potentially leading to data theft, CSRF attacks, and other security issues.
Common CORS Attack Types
Basic Misconfiguration: Simple CORS policy misconfigurations
Wildcard Origin: CORS with wildcard origin allowing any domain
Credentials: CORS with credentials leading to data theft
Advanced Bypass: Complex methods to bypass CORS protections
CORS with CSRF: CORS vulnerabilities leading to CSRF attacks
Common Vulnerable CORS Headers
Access-Control-Allow-Origin: Controls which origins can access resources
Access-Control-Allow-Credentials: Controls whether credentials can be sent
Access-Control-Allow-Methods: Controls which HTTP methods are allowed
Access-Control-Allow-Headers: Controls which headers are allowed
Access-Control-Expose-Headers: Controls which headers are exposed to JavaScript
Real-World Impact
Data theft and sensitive information disclosure
Session hijacking and account takeover
Cross-Site Request Forgery (CSRF) attacks
API abuse and unauthorized access
Compliance violations and security breaches
Privilege escalation and lateral movement