CVE-2022-4147

Quarkus CORS filter allows simple GET and POST requests with invalid Origin to proceed. Simple GET or POST requests made with XMLHttpRequest are the ones which have no event listeners registered on the object returned by the XMLHttpRequest upload property and have no ReadableStream object used in the request.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*
cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*

Information

Published : 2022-12-06 11:15

Updated : 2022-12-12 11:43


NVD link : CVE-2022-4147

Mitre link : CVE-2022-4147


JSON object : View

CWE
Advertisement

dedicated server usa

Products Affected

quarkus

  • quarkus