4 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-30924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also...
CVE-2026-30924
CVE-2026-30924 affects the web interface for managing qBittorrent instances (qui). Versions 1.14.1 and earlier are reported to have a permissive CORS policy that reflects arbitrary origins and returns Access-Control-Allow-Credentials: true, enabling a logged-in user’s session to be leveraged by a...
CVE-2026-30924 qui CORS Misconfiguration: Arbitrary Origins Trusted
qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also returning Access-Control-Allow-Credentials: true, effectively allowing any external webpage to make authenticated requests on behalf of a...
qui 安全漏洞
qui is a lightweight multi-instance web management interface developed by autobrr. Versions of qui prior to 1.14.1 have security vulnerabilities, which stem from overly permissive CORS policies. These vulnerabilities could lead to cross-domain request forgery and information leakage...