2020-10-02 20:05:31
mitre
PUBLISHED
An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary Origin: example.com header and responding with 200 OK and a wildcard Access-Control-Allow-Origin: * header.