Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Farion1231 CC-Switch Vulnerability: Cross-Site Policy Bypass
CVE-2026-6143
Summary
A security flaw in Farion1231 CC-Switch versions up to 3.12.3 allows remote attackers to bypass security rules and access sensitive data on untrusted websites. This could expose your business to unauthorized access and data theft. Update to the latest version of CC-Switch to fix this issue.
Original title
A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer...
Original description
A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer. The manipulation results in permissive cross-domain policy with untrusted domains. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-346
CWE-942
- https://github.com/farion1231/cc-switch/
- https://github.com/farion1231/cc-switch/issues/1841
- https://github.com/farion1231/cc-switch/issues/1841#issue-4191294952
- https://github.com/farion1231/cc-switch/pull/1915
- https://vuldb.com/submit/796145
- https://vuldb.com/vuln/357007
- https://vuldb.com/vuln/357007/cti
Published: 13 Apr 2026 · Updated: 13 Apr 2026 · First seen: 13 Apr 2026