CVE-2024-8024
HIGHDescription
A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This vulnerability allows an attacker to bypass the Same-Origin Policy, potentially leading to sensitive information exposure. Properly implementing a restrictive CORS policy is crucial to prevent such security issues.
Is your site exposed to CVE-2024-8024?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| youdao | qanything |
References
Frequently Asked Questions
What is CVE-2024-8024? +
How severe is CVE-2024-8024? +
What products are affected by CVE-2024-8024? +
How do I check if I'm vulnerable to CVE-2024-8024? +
Related Vulnerabilities
OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may …
AdGuard Home is a network-wide software for blocking ads and tracking. Prior to 0.107.75, AdGuard Home's client-triggered DoQ forwarding path …
Idira Identity Browser Extension (Chrome, Firefox, and Edge builds) versions prior to 26.8.1 exhibit an origin validation flaw within its …
The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to …
Improper Verification of Source of a Communication Channel in Work Desktop for Mac versions 10.8.1.46 and earlier allows attackers to …
"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in …