4 matches found
CVE-2024-5482
A Server-Side Request Forgery SSRF vulnerability exists in the 'addwebpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vulnerability arises because the application does not adequately validate URLs entered by users, allowing them to input arbitrary URLs,...
CVE-2024-5482 SSRF in add_webpage endpoint in parisneo/lollms-webui
A Server-Side Request Forgery SSRF vulnerability exists in the 'addwebpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vulnerability arises because the application does not adequately validate URLs entered by users, allowing them to input arbitrary URLs,...
CVE-2024-5482 SSRF in add_webpage endpoint in parisneo/lollms-webui
A Server-Side Request Forgery SSRF vulnerability exists in the 'addwebpage' endpoint of the parisneo/lollms-webui application, affecting the latest version. The vulnerability arises because the application does not adequately validate URLs entered by users, allowing them to input arbitrary URLs,...
CVE-2024-5482
CVE-2024-5482 describes a Server-Side Request Forgery in the Parisneo/Lollms-WebUI - specifically the add_webpage/add webpage endpoint. The issue arises from insufficient URL validation, allowing attackers to supply arbitrary URLs (including localhost/127.0.0.1) and trigger unauthorized requests ...