MEDIUM 4.2

GHSA-4946-85pr-fvxh

vantage6's CORS settings overly permissive

Details

### Impact The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server.

The impact is limited because v6 does not use session cookies

### Patches No

### Workarounds No

Enter the version of the package you're using.

Introduced in: 0 Fixed in: 4.3.0

Fix pip install --upgrade 'vantage6>=4.3.0'