2 matches found
CVE-2024-4328
A Cross-Site Request Forgery CSRF vulnerability exists in the clearpersonalityfileslist function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users...
CVE-2024-4328
A Cross-Site Request Forgery CSRF vulnerability exists in the clearpersonalityfileslist function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users...