Xml Allows All Domains
Description
Detects overly permissive cross-domain policies in XML configuration files that allow access from any domain (*). This configuration creates security risks by enabling unrestricted cross-origin requests, potentially exposing the application to cross-site request forgery attacks.
Detection Strategy
• Scans XML configuration files for 'cross-domain-policy' elements
• Within these elements, looks for 'allow-access-from' tags
• Checks if the 'domain' attribute is set to '*' (case-insensitive)
• Reports a vulnerability when wildcard domain access is found, indicating the exact line and column number
Vulnerable code example
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <allow-access-from domain="*" /> <!-- UNSAFE: Wildcard domain allows access from any domain -->
  <site-control permitted-cross-domain-policies="all"/>
  <!-- UNSAFE: Even with secure="true", the wildcard domain still grants access from any domain -->
  <allow-access-from
    domain="*"
    secure="true" />
</cross-domain-policy>
✅ Secure code example
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <!-- Only allow specific trusted domains instead of wildcard -->
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from
    domain="trusted.example.com" />
</cross-domain-policy>
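The detection strategy described above, implemented as an added Python example (not Fluid Attacks' own scanner) on top of the standard library's expat parser; the two policy documents are constructed inputs modelled on the vulnerable and secure files on this page, and the finding format is an assumption of this example.

```python
import xml.parsers.expat

# Constructed sample inputs, modelled on the two policy files shown on this page.
VULNERABLE = """<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <allow-access-from domain="*" />
  <site-control permitted-cross-domain-policies="all"/>
  <allow-access-from domain="*" secure="true"/>
</cross-domain-policy>
"""
SECURE = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="trusted.example.com" secure="true"/>
</cross-domain-policy>
"""


def find_wildcard_domains(xml_text: str) -> list:
    """Return one finding per <allow-access-from domain="*"> nested inside
    <cross-domain-policy>, with the 1-based line and column of its start tag."""
    findings, open_elements = [], []
    parser = xml.parsers.expat.ParserCreate()
    # No ExternalEntityRefHandler is registered, so the external DTD named in
    # the DOCTYPE is never fetched: the scanner itself stays offline.

    def on_start(name, attrs):
        attrs = {k.lower(): v for k, v in attrs.items()}  # attribute names case-insensitive
        if name.lower() == "allow-access-from" and "cross-domain-policy" in open_elements:
            if attrs.get("domain", "").strip() == "*":
                findings.append({
                    "line": parser.CurrentLineNumber,
                    "column": parser.CurrentColumnNumber + 1,  # expat columns are 0-based
                    "secure": attrs.get("secure"),  # secure="true" does not neutralise the wildcard
                })
        open_elements.append(name.lower())

    def on_end(name):
        open_elements.pop()

    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    parser.Parse(xml_text, True)
    return findings


if __name__ == "__main__":
    for label, doc in (("vulnerable", VULNERABLE), ("secure", SECURE)):
        for f in find_wildcard_domains(doc):
            print(f"{label}: wildcard domain at line {f['line']}, column {f['column']}")
```

Running the block reports both wildcard entries in the vulnerable document and nothing for the secure one; a wildcard `allow-access-from` that is not inside `cross-domain-policy` is deliberately ignored.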