Authorization Bypass Through User-Controlled Key play-with-docker
Package
Affected versions
<= 0.0.2
Patched versions
latest
Description
done!
On Thu, Mar 16, 2023 at 5:03 AM cokeBeer ***@***.***> wrote:
> @marcosnils <https://github.com/marcosnils> Hi, it is ready for publishing. Could you request a CVE id before publishing it?
Impact
Because the CORS configuration was incorrect, an attacker could, using play-with-docker.com as an example, set the Origin header of an HTTP request to evil-play-with-docker.com; that value was echoed back in the response's CORS header, which bypasses the CORS policy and lets the attacker retrieve basic user information.
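To show the difference between the origin-reflecting behaviour described above and a hardened configuration, here is an added Go example; it is not play-with-docker's own code, and the /users/me path, the handler, the allowlist and the sample JSON body are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// corsReflecting is the weak pattern the advisory describes: whatever
// Origin the client sends is echoed back, so any site can read the response.
func corsReflecting(origin string) (string, bool) {
	return origin, origin != ""
}

// corsAllowlisted echoes an origin only on an exact allowlist match. Exact
// matching matters: evil-play-with-docker.com ends with play-with-docker.com
// yet is a different origin, so suffix or substring checks are not enough.
func corsAllowlisted(origin string, allowlist map[string]bool) (string, bool) {
	if allowlist[origin] {
		return origin, true
	}
	return "", false
}

// handlerWith wraps a hypothetical user-info endpoint with the given CORS check.
func handlerWith(check func(string) (string, bool)) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		if allow, ok := check(r.Header.Get("Origin")); ok {
			w.Header().Set("Access-Control-Allow-Origin", allow)
			w.Header().Set("Access-Control-Allow-Credentials", "true")
			w.Header().Add("Vary", "Origin") // caches must key on Origin
		}
		fmt.Fprint(w, `{"user":"constructed-sample"}`) // constructed body
	}
}

// probe sends a request carrying the given Origin and returns the
// Access-Control-Allow-Origin header the handler produced ("" if none).
func probe(h http.Handler, origin string) string {
	req := httptest.NewRequest(http.MethodGet, "/users/me", nil)
	req.Header.Set("Origin", origin)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Header().Get("Access-Control-Allow-Origin")
}

func main() {
	allow := map[string]bool{"https://play-with-docker.com": true}
	weak := handlerWith(corsReflecting)
	fixed := handlerWith(func(o string) (string, bool) { return corsAllowlisted(o, allow) })
	evil := "https://evil-play-with-docker.com"
	fmt.Printf("reflecting: %q\n", probe(weak, evil))  // evil origin is echoed
	fmt.Printf("allowlisted: %q\n", probe(fixed, evil)) // header withheld
}
```

Detection hint: a response whose Access-Control-Allow-Origin equals an arbitrary Origin you sent, combined with Access-Control-Allow-Credentials: true, is the signature of this misconfiguration.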
Patches
This has been fixed in the latest version. Please upgrade to the latest version.
Workarounds
None; users have to upgrade to a fixed version.