3 matches found
CVE-2024-1602
parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting XSS that leads to Remote Code Execution RCE. The vulnerability arises due to inadequate sanitization and validation of model output data, allowing an attacker to inject malicious JavaScript code. This code can be executed within t...
CVE-2024-1602
creationtimestamp| type| source ---|---|--- 2024-04-12 11:16:49+00:00| seen| https://t.me/arpsyndicate/4601...
CVE-2024-1602
parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting XSS that leads to Remote Code Execution RCE. The vulnerability arises due to inadequate sanitization and validation of model output data, allowing an attacker to inject malicious JavaScript code. This code can be executed within t...