CORS misconfigurations are often overlooked, but they can have severe consequences. We demonstrate how reflecting the request's Origin header leads to code execution in Whistle.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/12/never-underestimate-csrf-why-origin-reflection-is-a-bad-idea/