In version 0.6.0 of eosphoros-ai/db-gpt, the uvicorn app created by dbgpt_server uses an overly permissive instance of CORSMiddleware which sets the Access-Control-Allow-Origin to * for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/10xxx/CVE-2024-10906.json",
"cwe_ids": [
"CWE-352"
],
"cna_assigner": "@huntr_ai"
}