Cross-Origin Resource Sharing Misconfiguration in HCL DevOps Loop
CVE-2026-21761
4.2MEDIUM
What is CVE-2026-21761?
HCL DevOps Loop is compromised by a Cross-Origin Resource Sharing (CORS) misconfiguration, which can lead to unauthorized cross-origin requests. This vulnerability exposes application resources to untrusted domains, posing a significant security risk to users who may inadvertently allow sensitive data to be accessed by unauthorized parties. Proper configuration of CORS policies is crucial to ensure that only trusted domains are permitted to interact with the application.
Affected Version(s)
DevOps Loop 2.0.0
