High severity7.5NVD Advisory· Published Mar 20, 2025· Updated Jun 17, 2026
CVE-2024-8024
CVE-2024-8024
Description
A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This vulnerability allows an attacker to bypass the Same-Origin Policy, potentially leading to sensitive information exposure. Properly implementing a restrictive CORS policy is crucial to prevent such security issues.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =1.4.1
- Range: unspecified
Patches
Vulnerability mechanics
References
1- huntr.com/bounties/bda53fab-88aa-4e03-8d9d-4cf50a98ffc7nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.