Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/04/13 7:22 p.m.6 views

CVE-2026-1116

A Cross-site Scripting XSS vulnerability was identified in the fromdict method of the AppLollmsMessage class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the content field when deserializing user-provided data. This allows a...

8.2CVSS5.8AI score0.00258EPSS
Exploits1References1
NVD
NVD
added 2026/04/12 3:16 a.m.4 views

CVE-2026-1116

A Cross-site Scripting XSS vulnerability was identified in the fromdict method of the AppLollmsMessage class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the content field when deserializing user-provided data. This allows a...

8.2CVSS0.00258EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/12 2:22 a.m.34 views

CVE-2026-1116 Cross-site Scripting (XSS) in parisneo/lollms

A Cross-site Scripting XSS vulnerability was identified in the fromdict method of the AppLollmsMessage class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the content field when deserializing user-provided data. This allows a...

8.2CVSS0.00258EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/12 2:22 a.m.7 views

CVE-2026-1116

A Cross-site Scripting XSS vulnerability was identified in the fromdict method of the AppLollmsMessage class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the content field when deserializing user-provided data. This allows a...

8.2CVSS7.2AI score0.00258EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.5 views

LoLLMs 跨站脚本漏洞

LoLLMs is a large language and multimodal system personally developed by Saifeddine ALOUI. Versions of LoLLMs prior to 2.2.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the fromdict method in the AppLollmsMessage class, which did not clean or encode the content...

8.2CVSS7.1AI score0.00258EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.7 views

PT-2026-32142

A Cross-site Scripting XSS vulnerability was identified in the from dict method of the AppLollmsMessage class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the content field when deserializing user-provided data. This allows ...

8.2CVSS5.8AI score0.00258EPSS
Exploits1References3
Rows per page
Query Builder