Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

CORS Misconfiguration in netease-youdao/qanything

CVE-2024-8024

Description

A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This vulnerability allows an attacker to bypass the Same-Origin Policy, potentially leading to sensitive information exposure. Properly implementing a restrictive CORS policy is crucial to prevent such security issues.

Affected products

Netease Youdao/Netease Youdao/qanythingv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

huntr.com/bounties/bda53fab-88aa-4e03-8d9d-4cf50a98ffc7mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000