PT-2024-23853
Name of the Vulnerable Software and Affected Versions parisneo/lollms version 5.9.0 Description A remote code execution issue exists in the create conda env function due to the use of shell=True in the subprocess.Popen function. This allows an attacker to inject arbitrary commands by manipulating...