Vulnerabilities

CVE-2025-47910

by Fred · 22/09/2025

When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections.

More information : https://go.dev/cl/699275

Similar

Tags: Cybersecurity Alert