GitHub

Vary Header Injection leading to potential CORS Bypass

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
GitHub

CORS Preflight OPTIONS Request Fails to Reach Edge Function from Browser

When a frontend web application (hosted on GitHub Pages) makes a fetch request with an Authorization header to a Supabase Edge Function, the browser's preflight ...