EUVD-2025-6911

Malicious code in bioql PyPI...

CVE-2024-8489

A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server, allows for Cross-Site Request Forgery CSRF due to overly permissive CORS headers. This issue affects the latest commit on the main branch 21161fe. The vulnerability permits an attacker to access all...

CVE-2024-8489

CVSS 8.8 (HIGH) — CVE-2024-8489: CSRF in modelscope/agentscope, specifically the AgentScope Studio backend server. The issue stems from overly permissive CORS headers, allowing CSRF to access all backend endpoints, including the api/file endpoint for reading arbitrary files on the target’s local ...

CVE-2024-8489 CSRF due to overly permissive CORS headers in modelscope/agentscope

A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server, allows for Cross-Site Request Forgery CSRF due to overly permissive CORS headers. This issue affects the latest commit on the main branch 21161fe. The vulnerability permits an attacker to access all...

AgentScope 跨站请求伪造漏洞

AgentScope is a ModelScope open source application. Build LLM-based multi-intelligence applications more simply. AgentScope suffers from a cross-site request forgery vulnerability that stems from the CORS header on the AgentScope Studio backend server being configured too loosely to allow...