SmartAsset-CORS-CVE-2020-26527 CVE-2020-26527 Smart Asset - version 20207 An issue was discovered in API/api/Version in Damstra Smart Asset 20207 Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: examplecom' header and responding with 200 OK and a wildcard 'Access-Control-Allow-Origin: *' header HTTP Request: GET /