VYPR

CWE-346

Origin Validation Error

ClassDraft

Description

The product does not properly verify that the source of data or communication is valid.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-111 · CAPEC-141 · CAPEC-142 · CAPEC-160 · CAPEC-21 · CAPEC-384 · CAPEC-385 · CAPEC-386 · CAPEC-387 · CAPEC-388 · CAPEC-510 · CAPEC-59 · CAPEC-60 · CAPEC-75 · CAPEC-76 · CAPEC-89

CVEs mapped to this weakness (296)

page 14 of 15
  • CVE-2024-23898Jan 24, 2024
    risk 0.00cvss epss 0.67

    Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability, allowing attackers to execute…

  • CVE-2023-49803Dec 11, 2023
    risk 0.00cvss epss 0.00

    @koa/cors npm provides Cross-Origin Resource Sharing (CORS) for koa, a web framework for Node.js. Prior to version 5.0.0, the middleware operates in a way that if an allowed origin is not provided, it will return an `Access-Control-Allow-Origin` header with the value of the…

  • CVE-2023-2850Jul 25, 2023
    risk 0.00cvss epss 0.00

    NodeBB is affected by a Cross-Site WebSocket Hijacking vulnerability due to missing validation of the request origin. Exploitation of this vulnerability allows certain user information to be extracted by attacker.

  • CVE-2023-32993May 16, 2023
    risk 0.00cvss epss 0.00

    Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.

  • CVE-2023-26114Mar 23, 2023
    risk 0.00cvss epss 0.00

    Versions of the package code-server before 4.10.1 are vulnerable to Missing Origin Validation in WebSockets handshakes. Exploiting this vulnerability can allow an adversary in specific scenarios to access data from and connect to the code-server instance.

  • CVE-2023-22899Jan 10, 2023
    risk 0.00cvss epss 0.01

    Zip4j through 2.11.2, as used in Threema and other products, does not always check the MAC when decrypting a ZIP archive.

  • CVE-2017-20146Dec 27, 2022
    risk 0.00cvss epss 0.01

    Usage of the CORS handler may apply improper CORS headers, allowing the requester to explicitly control the value of the Access-Control-Allow-Origin header, which bypasses the expected behavior of the Same Origin Policy.

  • CVE-2022-41924Nov 23, 2022
    risk 0.00cvss epss 0.02

    A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and…

  • CVE-2022-42975Oct 17, 2022
    risk 0.00cvss epss 0.01

    socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.

  • CVE-2022-3457Oct 13, 2022
    risk 0.00cvss epss 0.00

    Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5.

  • CVE-2022-31151Jul 20, 2022
    risk 0.00cvss epss 0.01

    Authorization headers are cleared on cross-origin redirect. However, cookie headers which are sensitive headers and are official headers found in the spec, remain uncleared. There are active users using cookie headers in undici. This may lead to accidental leakage of cookie to a…

  • CVE-2022-24762Mar 14, 2022
    risk 0.00cvss epss 0.01

    sysend.js is a library that allows a user to send messages between pages that are open in the same browser. Users that use cross-origin communication may have their communications intercepted. Impact is limited by the communication occurring in the same browser. This issue has…

  • CVE-2022-25146Mar 2, 2022
    risk 0.00cvss epss 0.01

    The Remote App module in Liferay Portal Liferay Portal v7.4.3.4 through v7.4.3.8 and Liferay DXP 7.4 before update 5 does not check if the origin of event messages it receives matches the origin of the Remote App, allowing attackers to exfiltrate the CSRF token via a crafted…

  • CVE-2022-21712Feb 7, 2022
    risk 0.00cvss epss 0.01

    twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent`…

  • CVE-2021-4024Dec 23, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is…

  • CVE-2021-41088Sep 23, 2021
    risk 0.00cvss epss 0.01

    Elvish is a programming language and interactive shell, combined into one package. In versions prior to 0.14.0 Elvish's web UI backend (started by `elvish -web`) hosts an endpoint that allows executing the code sent from the web UI. The backend does not check the origin of…

  • CVE-2021-39185Sep 1, 2021
    risk 0.00cvss epss 0.01

    Http4s is a minimal, idiomatic Scala interface for HTTP services. In http4s versions 0.21.26 and prior, 0.22.0 through 0.22.2, 0.23.0, 0.23.1, and 1.0.0-M1 through 1.0.0-M24, the default CORS configuration is vulnerable to an origin reflection attack. The middleware is also…

  • CVE-2021-34435Sep 1, 2021
    risk 0.00cvss epss 0.01

    In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a malicious file..

  • CVE-2021-37705Aug 13, 2021
    risk 0.00cvss epss 0.02

    OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To…

  • CVE-2021-26291Apr 23, 2021
    risk 0.00cvss epss 0.09

    Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to…