Security Advisory

CVE-2024-11602

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 10:10:54

Last updated 2025-03-20 18:15:18

Assigner @huntr_ai

State PUBLISHED

Description

A Cross-Origin Resource Sharing (CORS) vulnerability exists in feast-dev/feast version 0.40.0. The CORS configuration on the agentscope server does not properly restrict access to only trusted origins, allowing any external domain to make requests to the API. This can bypass intended security controls and potentially expose sensitive information.

← Browse all CVEs View on cve.org ↗