Hcl · Hcl Onetest Server · CVE-2021-27786
**Name of the Vulnerable Software and Affected Versions**
No specific software or versions are mentioned.
**Description**
Cross-origin resource sharing (CORS) enables browsers to perform cross-domain requests in a controlled manner. This request has an Origin header that identifies the domain making the initial request and defines the protocol between a browser and server to see if the request is allowed. An attacker can take advantage of this and possibly carry out privileged actions and access sensitive information when the Access-Control-Allow-Credentials is enabled.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.