PT-2024-37790 · Unknown · Lollms-Webui
Name of the Vulnerable Software and Affected Versions: lollms-webui versions v9.9 through the latest Description: A Cross-Site Request Forgery CSRF issue exists in the "install comfyui" endpoint of the lollms comfyui.py file. This endpoint uses the GET method without requiring a client ID, allowi...