CVE-2022-4147

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in the request.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-12-06 19:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-4147

Mitre link : CVE-2022-4147

CVE.ORG link : CVE-2022-4147


JSON object : View

Products Affected

quarkus

  • quarkus
CWE