CORS Misconfiguration in API server https://api.clearpool.finance/ #21
bastianwelfrid started this conversation in Bug reports
Description
A cross-origin resource sharing (CORS) misconfiguration has been identified in https://api.clearpool.finance/.
This vulnerability allows an attacker to send unauthorized requests to the victim server from a different domain, potentially leading to data exfiltration, unauthorized access, or other security breaches.
Root Cause
The root cause of the vulnerability is a misconfiguration in the CORS policy of the victim server. The server is allowing requests from unauthorized origins, violating the principle of same-origin policy.
Reproduction Steps
Example request:
Look at the HTTP response header:
Access-Control-Allow-Origin: *
It means the server allows any different domain to send requests to the Clearpool API server. Click this link (CORSattack), put your email address there, then click Submit. Now open your email inbox; you will see an email from info@clearpool.finance.
Or you can upload the file attachment below: save this code with an HTML extension to your own server, then send a request from there.
clearcors.txt
Impact
The potential consequences of this vulnerability include:
Data Exfiltration: An attacker could steal sensitive data, such as user credentials, personal information, or proprietary data.
Unauthorized Access: An attacker could gain unauthorized access to protected resources on the victim server.
Cross-Site Request Forgery (CSRF): The vulnerability could be exploited to perform unauthorized actions on behalf of authenticated users.
Regards,
Bastian Welfrid
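For triaging and fixing a report like the one above, here is an added example (not part of the original post and not Clearpool's code). It shows an allowlist-based replacement for a wildcard `Access-Control-Allow-Origin`, plus a classifier for the CORS headers a test probe receives. The allowlist entry, function names, and sample headers are assumptions constructed for illustration.

```javascript
// Added example, not Clearpool's code. ALLOWED_ORIGINS is a hypothetical
// allowlist; origins and header samples used with it are constructed.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]);

// Server side: build the CORS response headers for a request's Origin header.
function corsHeadersFor(origin, { credentials = false } = {}) {
  // Unknown or missing origin: send no CORS headers, so the browser
  // keeps the response unreadable to the calling page.
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return {};
  const headers = {
    "Access-Control-Allow-Origin": origin, // echo only allowlisted values
    "Vary": "Origin",                      // keep caches from mixing origins
  };
  if (credentials) headers["Access-Control-Allow-Credentials"] = "true";
  return headers;
}

// Review side: classify the headers returned to a probe request sent with
// `probeOrigin`, an origin that is NOT on the allowlist.
function classifyCors(probeOrigin, headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) {
    h[k.toLowerCase()] = String(v).trim(); // header names are case-insensitive
  }
  const acao = h["access-control-allow-origin"];
  const creds = h["access-control-allow-credentials"] === "true";
  if (acao === undefined) return "no-cors";
  if (acao === "*") {
    // Browsers refuse to expose a credentialed response when ACAO is "*",
    // so a wildcard only opens requests made without cookies or HTTP auth.
    return creds
      ? "wildcard-with-credentials-rejected-by-browsers"
      : "wildcard-anonymous-reads";
  }
  if (acao === "null") {
    return creds ? "null-origin-with-credentials" : "null-origin";
  }
  if (acao === probeOrigin) {
    return creds ? "reflected-origin-with-credentials" : "reflected-origin";
  }
  return "fixed-origin";
}
```

CORS headers only control whether a page on another origin can read a response; endpoints that change state or send email still need their own authentication, CSRF protection, and rate limiting.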