Skip to content

Origin Validation Error ('Authorization Issues') [VID:4] #25

New issue
New issue
Open
Open
Origin Validation Error ('Authorization Issues') [VID:4]#25
Labels
Veracode Policy ScanA Veracode Flaw found during a Policy or Sandbox ScanVeracodeFlaw: MediumA Veracode Flaw, Medium severity
@veracode-workflow-app-preprod

Description

@veracode-workflow-app-preprod
veracode-workflow-app-preprod
bot
opened on Nov 14, 2025

govwanew//util/template.go

Lines 21 to 31 in 3d38a70

log.Println(err.Error())
}
}
func RenderAsJson(w http.ResponseWriter, data ...interface{}) {
w.Header().Set("Access-Control-Allow-Origin", "*")
w.Header().Set("Access-Control-Allow-Credentials", "true")
w.Header().Set("Access-Control-Allow-Methods", "POST, GET")
w.Header().Set("Content-Type", "application/json")
b, err := json.Marshal(data)
if err != nil {

Filename: template.go

Line: 26

CWE: 346 (Origin Validation Error ('Authorization Issues'))

Not restricting access to web resources, opens it up for attackers to inadvertently access restricted resources. An application should always check the origin of a request to be coming from a trusted source, before serving it. Please restrict the allowed domains which can access this resource. References: CWE 346/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode

Metadata

Metadata

Assignees

No one assigned

    Labels

    Veracode Policy ScanA Veracode Flaw found during a Policy or Sandbox ScanVeracodeFlaw: MediumA Veracode Flaw, Medium severity

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions