Youdao Qanything

5 CVEs affecting Youdao Qanything. Latest disclosed: 2025-03-20. Critical: 1, High: 3.

Top CVEs affecting Youdao Qanything
CVESeverityScorePublishedSummary
CVE-2024-10264Critical9.82025-03-20HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP reques…
CVE-2024-8024High7.52025-03-20A CORS misconfiguration vulnerability exists in netease-youdao/qanything version 1.4.1. This vulnerability allows an attacker to bypass the Same-Origin Policy…
CVE-2024-12866High7.52025-03-20A local file inclusion vulnerability exists in netease-youdao/qanything version v2.0.0. This vulnerability allows an attacker to read arbitrary files on the fi…
CVE-2024-12864High7.52025-03-20A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease-youdao/qanything version v2.0.0. The vulnerability is due to impro…
CVE-2024-8027Medium6.12025-03-20A stored Cross-Site Scripting (XSS) vulnerability exists in netease-youdao/QAnything. Attackers can upload malicious knowledge files to the knowledge base, whi…