Security Config Lab
CORS Misconfiguration
Scenario: Private Data API
The API at /api/user-secrets returns highly sensitive information. Can you analyze how resilient its CORS policy is?
Level 1: Wildcard Origin with Credentials
CORS misconfigurations let a malicious site read authenticated responses from a vulnerable domain when the server reflects the request's Origin header into Access-Control-Allow-Origin and also sends Access-Control-Allow-Credentials: true.
Objective
Exploit a permissive CORS policy to read sensitive data from an authenticated session.
OPTIONS /api/user-secrets HTTP/1.1
Origin:
Access-Control-Request-Method: GET
Access-Control-Request-Headers: Content-Type
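As an added illustration (not the lab's own code), here is the reflecting pattern the lab describes next to an allowlisted alternative, plus a check that flags the header combination a browser would accept for a credentialed cross-origin read. The allowlist entry and the origins are constructed values.

```python
from typing import Dict, Optional

# Constructed allowlist for the hardened handler (assumption, not from the lab).
ALLOWED_ORIGINS = {"https://app.example.com"}


def reflecting_cors_headers(origin: Optional[str]) -> Dict[str, str]:
    """Vulnerable pattern: echo whatever Origin arrives and allow credentials.

    This is the misconfiguration the lab describes: any origin is accepted,
    so any site can read the victim's authenticated API response."""
    if origin is None:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }


def allowlisted_cors_headers(origin: Optional[str]) -> Dict[str, str]:
    """Hardened pattern: exact-match the Origin against a fixed allowlist.

    Unknown origins get no CORS headers at all, so the browser blocks the read.
    Exact matching (not prefix or regex) also rejects look-alike origins."""
    if origin in ALLOWED_ORIGINS:
        return {
            "Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true",
            "Vary": "Origin",
        }
    return {}


def is_exploitable(headers: Dict[str, str], probe_origin: str) -> bool:
    """Return True if probe_origin (an untrusted origin) could read a
    credentialed response given these response headers.

    Both conditions must hold: the allowed origin equals the probe origin
    (a literal '*' is refused by browsers when credentials are enabled),
    and credentials are explicitly allowed."""
    acao = headers.get("Access-Control-Allow-Origin")
    acac = headers.get("Access-Control-Allow-Credentials", "").lower() == "true"
    return acao == probe_origin and acac
```

Run the check against the headers your own API returns for an unexpected Origin; a True result means the allowlist needs fixing before the data reaches production.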