mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
704 B
704 B
CVE-2020-16263
Description
Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins. This allows requests to be made and viewed by arbitrary origins.
POC
Reference
- https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4
- https://labs.bishopfox.com/advisories/winston-privacy-version-1.5.4
Github
No PoCs found on GitHub currently.