### fix: verbessere CORS-Konfiguration

- **GlobalSecurityConfig:** Lockerung von `allowedOriginPatterns` auf `*`.
- **MailServiceApplication:** Hinzufügen einer redundanten `WebMvcConfigurer` Bean für zusätzliches CORS-Mapping.
- **UI:** Aktualisierung des Versionsmarkers auf `v2026-04-23.19 - NUCLEAR CORS FIX`.

backend/infrastructure/security/src/main/kotlin/at/mocode/infrastructure/security/GlobalSecurityConfig.kt

@@ -90,7 +90,7 @@ class GlobalSecurityConfig {
       "http://localhost:4000"
     )
     configuration.allowedOriginPatterns = listOf(
-      "https://*.mo-code.at"
+      "*"
     )
     configuration.allowedMethods = listOf("GET", "POST", "PUT", "DELETE", "OPTIONS")
     configuration.allowedHeaders = listOf("*")

backend/services/mail/mail-service/src/main/kotlin/at/mocode/mail/service/MailServiceApplication.kt

@@ -4,14 +4,31 @@ import org.slf4j.LoggerFactory
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.boot.context.event.ApplicationReadyEvent
 import org.springframework.boot.runApplication
+import org.springframework.context.annotation.Bean
 import org.springframework.context.event.EventListener
 import org.springframework.core.env.Environment
+import org.springframework.web.servlet.config.annotation.CorsRegistry
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
 
 @SpringBootApplication(scanBasePackages = ["at.mocode.mail", "at.mocode.infrastructure.security"])
 class MailServiceApplication(private val env: Environment) {
 
   private val log = LoggerFactory.getLogger(MailServiceApplication::class.java)
 
+  @Bean
+  fun corsConfigurer(): WebMvcConfigurer {
+    return object : WebMvcConfigurer {
+      override fun addCorsMappings(registry: CorsRegistry) {
+        registry.addMapping("/**")
+          .allowedOrigins("https://app.mo-code.at", "https://api.mo-code.at")
+          .allowedOriginPatterns("https://*.mo-code.at")
+          .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
+          .allowedHeaders("*")
+          .allowCredentials(true)
+      }
+    }
+  }
+
   @EventListener(ApplicationReadyEvent::class)
   fun onApplicationReady() {
     val springPort = env.getProperty("server.port", "8083")