EUVD-2025-6911

Malicious code in bioql PyPI...

CVE-2024-8489

A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server, allows for Cross-Site Request Forgery CSRF due to overly permissive CORS headers. This issue affects the latest commit on the main branch 21161fe. The vulnerability permits an attacker to access all...

CVE-2024-8489 CSRF due to overly permissive CORS headers in modelscope/agentscope

A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server, allows for Cross-Site Request Forgery CSRF due to overly permissive CORS headers. This issue affects the latest commit on the main branch 21161fe. The vulnerability permits an attacker to access all...

CVE-2024-8489

CVSS 8.8 (HIGH) — CVE-2024-8489: CSRF in modelscope/agentscope, specifically the AgentScope Studio backend server. The issue stems from overly permissive CORS headers, allowing CSRF to access all backend endpoints, including the api/file endpoint for reading arbitrary files on the target’s local ...

AgentScope 跨站请求伪造漏洞

AgentScope is a ModelScope open source application. Build LLM-based multi-intelligence applications more simply. AgentScope suffers from a cross-site request forgery vulnerability that stems from the CORS header on the AgentScope Studio backend server being configured too loosely to allow...