Описание
A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can bypass intended security controls and potentially expose sensitive information.
EPSS
Процентиль: 14%
0.00045
Низкий
7.4 High
CVSS3
Дефекты
CWE-346
Связанные уязвимости
CVSS3: 7.4
github
11 месяцев назад
Feast Cross-Origin Resource Sharing vulnerability
EPSS
Процентиль: 14%
0.00045
Низкий
7.4 High
CVSS3
Дефекты
CWE-346