CVE-2024-10264

Name of the Vulnerable Software and Affected Versions netease-youdao/qanything version 1.4.1

Description A HTTP Request Smuggling vulnerability exists due to inconsistencies in how HTTP requests are interpreted between a proxy and a server. This can lead to unauthorized access, bypassing security controls, session hijacking, data leakage, and potentially arbitrary code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.