Wildcard in Access-Control-Allow-Origin Header in IBM Security Trusteer Pinpoint Detect 11.6.5 Could Lead to Information Disclosure

Wildcard in Access-Control-Allow-Origin Header in IBM Security Trusteer Pinpoint Detect 11.6.5 Could Lead to Information Disclosure

CVE-2020-4708 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

IBM Security Trusteer Pinpoint Detect 11.6.5 could disclose some information due to using a wildcard in the Access-Control-Allow-Origin header. IBM X-Force ID: 187371.

Learn more about our Web Application Penetration Testing UK.