Vulnerabilities > Origin Validation Error
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-14 | CVE-2023-46715 | Origin Validation Error vulnerability in Fortinet Fortios An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets. | 4.3 |
| 2024-12-12 | CVE-2024-44212 | Origin Validation Error vulnerability in Apple products A cookie management issue was addressed with improved state management. | 5.3 |
| 2024-10-29 | CVE-2024-6674 | Origin Validation Error vulnerability in Lollms web UI A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser sessions, and settings containing private API keys from other services. | 7.1 |
| 2024-09-17 | CVE-2024-44187 | Origin Validation Error vulnerability in Apple products A cross-origin issue existed with "iframe" elements. | 6.5 |
| 2024-08-12 | CVE-2024-41475 | Origin Validation Error vulnerability in SIR Gnuboard 6.0.7 Gnuboard g6 6.0.7 is vulnerable to Session hijacking due to a CORS misconfiguration. | 8.8 |
| 2024-08-06 | CVE-2024-23458 | Origin Validation Error vulnerability in Zscaler Client Connector While copying individual autoupdater log files, reparse point check was missing which could result into crafted attacks, potentially leading to a local privilege escalation. | 7.8 |
| 2024-08-01 | CVE-2024-41926 | Origin Validation Error vulnerability in Mattermost Server Mattermost versions 9.9.x <= 9.9.0 and 9.5.x <= 9.5.6 fail to validate the source of sync messages and only allow the correct remote IDs, which allows a malicious remote to set arbitrary RemoteId values for synced users and therefore claim that a user was synced from another remote. | 4.3 |
| 2024-07-29 | CVE-2024-41143 | Origin Validation Error vulnerability in Skygroup Skysea Client View Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. | 7.8 |
| 2024-07-01 | CVE-2024-36421 | Origin Validation Error vulnerability in Flowiseai Flowise 1.4.3 Flowise is a drag & drop user interface to build a customized large language model flow. | 7.5 |
| 2024-06-25 | CVE-2024-6301 | Origin Validation Error vulnerability in Conduit Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs | 7.5 |