Lucene search

CVE-2024-2288

🗓️ 06 Jun 2024 19:54:15Reported by @huntr_aiType

A CSRF vulnerability in Lollms allows unauthorized profile picture changes, leading to potential denial of service and XSS attack

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Vulnrichment	CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui	6 Jun 202418:24	–	vulnrichment
Cvelist	CVE-2024-2288 CSRF File Upload Vulnerability in parisneo/lollms-webui	6 Jun 202418:24	–	cvelist
NVD	CVE-2024-2288	6 Jun 202419:15	–	nvd
OSV	CVE-2024-2288	6 Jun 202419:15	–	osv

Nvd

Vulners

Vulnrichment

Node

lollms lollms_web_uiRange<9.3

[
  {
    "vendor": "parisneo",
    "product": "parisneo/lollms-webui",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "9.3",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.com/bounties/2a37ae0c-890a-401a-8f3c-a261f3006290
github	www.github.com/parisneo/lollms-webui/commit/ed085e6effab2b1e25ba2b00366a16ff67d8551b

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jun 2024 19:15Current

8High risk

Vulners AI Score8

CVSS38.3

EPSS0.00057

SSVC

CWE-352