What is Cross-Origin Resource Sharing (CORS) Vulnerability in Web API?

CORS stands for Cross-origin resource sharing. It is a web-based mechanism that is used to control access to resources hosted outside a specific domain. It has several benefits, like getting the flexibility for addition and extension of the same-origin policy (SOP).

To test cross-origin resource sharing (CORS), you can use tools like OWASP Zed Attack Proxy Project. It will help you to intercept HTTP headers. You need to pay heed to the origin header to understand the domains that are allowed. 

Moreover, you can further inspect it with JavaScript, the manual way to check if the code is vulnerable to code injection as a result of not handling the input properly.