An information disclosure vulnerability exists in ASP.NET Core that allows bypassing cross-origin resource sharing(CORS) configurations. An attacker who successfully exploited the vulnerability could retrieve content, that is normally restricted, from a web application.