Corsy/db/details.json

{
	"wildcard value" : {
		"class" : "wildcard value",
		"description" : "This host allows requests made from any origin. However, browsers will block all requests to this host by default.",
		"severity" : "low",
		"exploitation" : "Not possible"
	},
	"third party allowed" : {
		"class" : "third party allowed",
		"description" : "This host has whitelisted a third party host for cross origin requests.",
		"severity" : "Medium",
		"exploitation" : "If the whitelisted host is a code hosting platform such as codepen.io or has an XSS vulnerability, it can be used to exploit this misconfiguration."

	},
	"origin reflected": {
		"class" : "origin reflected",
		"description" : "This host allows any origin to make requests to it.",
		"severity" : "high",
		"exploitation" : "Make requests from any domain you control."
	},
	"invalid value" : {
		"class" : "invalid value",
		"description" : "Header's value is invalid, this CORS implementation doesn't work at all.",
		"severity" : "low",
		"exploitation" : "Not possible"
	},
	"post-domain wildcard" : {
		"class" : "post-domain wildcard",
		"description" : "The origin verification is flawed, it allows requests from a host that has this host as a prefix.",
		"severity" : "high",
		"exploitation" : "Make requests from target.com.attacker.com"
	},
	"pre-domain wildcard" : {
		"class" : "pre-domain wildcard",
		"description" : "The origin verification is flawed, it allows requests from a host that has this host as a suffix.",
		"severity" : "high",
		"exploitation" : "Make requests from attacker-target.com"
	},
	"null origin allowed" : {
		"class" : "null origin allowed",
		"description" : "This host allows requests from 'null' origin.",
		"severity" : "high",
		"exploitation" : "Make requests from a sandboxed iframe."
	},
	"http origin allowed" : {
		"class" : "http origin allowed",
		"description" : "This host allows sharing resources over an unencrypted (HTTP) connection.",
		"severity" : "low",
		"exploitation" : "Sniff requests made over the unencrypted channel."
	},
	"unrecognized underscore" : {
		"class" : "unrecognized underscore",
		"description" : "The origin verification is flawed and can be bypassed using a underscore (_).",
		"severity" : "high",
		"exploitation" : "Set the 'Origin' header to target.com_.example.com"
	},
	"broken parser" : {
		"class" : "broken parser",
		"description" : "The origin verification is flawed and can be bypassed using a backtick (`).",
		"severity" : "high",
		"exploitation" : "Set the 'Origin' header to %60.example.com"
	},
	"unescaped regex" : {
		"class" : "unescaped regex",
		"description" : "The regex used for origin verification contains an unescaped dot (.) character.",
		"severity" : "high",
		"exploitation" : "If the target is sub.example.com, make requests from subxexample.com"
	}
}
Add files via upload 2019-11-24 21:12:10 +05:30			`{`
			`"wildcard value" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "wildcard value",`
			`"description" : "This host allows requests made from any origin. However, browsers will block all requests to this host by default.",`
			`"severity" : "low",`
			`"exploitation" : "Not possible"`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
			`"third party allowed" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "third party allowed",`
			`"description" : "This host has whitelisted a third party host for cross origin requests.",`
			`"severity" : "Medium",`
			`"exploitation" : "If the whitelisted host is a code hosting platform such as codepen.io or has an XSS vulnerability, it can be used to exploit this misconfiguration."`
Add files via upload 2019-11-24 21:12:10 +05:30
			`},`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"origin reflected": {`
			`"class" : "origin reflected",`
			`"description" : "This host allows any origin to make requests to it.",`
			`"severity" : "high",`
			`"exploitation" : "Make requests from any domain you control."`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
			`"invalid value" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "invalid value",`
			`"description" : "Header's value is invalid, this CORS implementation doesn't work at all.",`
			`"severity" : "low",`
			`"exploitation" : "Not possible"`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
minor typo fix 2019-11-24 21:41:20 +05:30			`"post-domain wildcard" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "post-domain wildcard",`
			`"description" : "The origin verification is flawed, it allows requests from a host that has this host as a prefix.",`
			`"severity" : "high",`
			`"exploitation" : "Make requests from target.com.attacker.com"`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
minor typo fix 2019-11-24 21:41:20 +05:30			`"pre-domain wildcard" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "pre-domain wildcard",`
			`"description" : "The origin verification is flawed, it allows requests from a host that has this host as a suffix.",`
			`"severity" : "high",`
			`"exploitation" : "Make requests from attacker-target.com"`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
			`"null origin allowed" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "null origin allowed",`
			`"description" : "This host allows requests from 'null' origin.",`
			`"severity" : "high",`
			`"exploitation" : "Make requests from a sandboxed iframe."`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
			`"http origin allowed" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "http origin allowed",`
			`"description" : "This host allows sharing resources over an unencrypted (HTTP) connection.",`
			`"severity" : "low",`
			`"exploitation" : "Sniff requests made over the unencrypted channel."`
Add files via upload 2019-11-24 21:12:10 +05:30			`},`
added underscore bypass 2021-01-28 16:21:42 +05:30			`"unrecognized underscore" : {`
			`"class" : "unrecognized underscore",`
			`"description" : "The origin verification is flawed and can be bypassed using a underscore (_).",`
			`"severity" : "high",`
			`"exploitation" : "Set the 'Origin' header to target.com_.example.com"`
			`},`
Add files via upload 2019-11-24 21:12:10 +05:30			`"broken parser" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "broken parser",`
			"description" : "The origin verification is flawed and can be bypassed using a backtick (`).",
			`"severity" : "high",`
			`"exploitation" : "Set the 'Origin' header to %60.example.com"`
add unescaped regex test 2019-11-25 10:20:45 +05:30			`},`
			`"unescaped regex" : {`
1.0-beta - Bug fixes - Scan URLs from file - JSON output to file - Custom HTTP header support - Switch to ignore helpful messages 2020-01-17 02:44:46 +05:30			`"class" : "unescaped regex",`
			`"description" : "The regex used for origin verification contains an unescaped dot (.) character.",`
			`"severity" : "high",`
			`"exploitation" : "If the target is sub.example.com, make requests from subxexample.com"`
Add files via upload 2019-11-24 21:12:10 +05:30			`}`
minor typo fix 2019-11-24 21:41:20 +05:30			`}`