Insecure cross-domain.xml File Exposure
Insecure cross-domain.xml file exposure will make anyone able to receive content from your web application.
Short Info
Level
Low
Single Scan
Single Scan
Can be used by
Everyone
Estimated Time
5 second
Time Interval
4 day
Scan only one
Url
Toolbox
-
An overly permissive crossdomain.xml file on a domain that serves sensitive content is a major security risk. It exposes the domain hosting the improperly configured crossomain.xml file to information disclosure and request forgery. Attackers cannot only forge requests, they can read responses. This means the attacker can retrieve any information the authenticated user has access to, including account information, documents and files, and anti-CSRF tokens if they are used.