Json Yaml Cors Wildcard Origin Config
Description
Detects insecure CORS (Cross-Origin Resource Sharing) configurations in Spring Framework where a wildcard (*) is used to allow all origins. This configuration allows any external domain to make requests to the application, potentially exposing sensitive data to malicious websites.
Detection Strategy
• Search for CORS configuration properties in Spring Framework YAML files under 'cors.web.spring', 'cors.management', or 'exposure.web.endpoints.management' paths
• Check if properties named 'allowed-origins' or 'include' are set to the wildcard value '*'
• Flag configurations that use wildcard origins as vulnerable since they allow unrestricted cross-origin access
Vulnerable code example
spring:
web:
cors:
allowed-origins: "*" # VULNERABLE: Allows requests from any origin
allowed-methods: "GET,POST,PUT"
management:
endpoints:...✅ Secure code example
spring:
web:
cors:
allowed-origins: "https://app.example.com" # Restrict to specific trusted domain
allowed-methods: "GET,POST,PUT"
allowed-headers: "Content-Type,Authorization"
allow-credentials: true
max-age: 3600...Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.