4 matches found
CVE-2024-4839
CVE-2024-4839 affects parisneo/lollms-webui, versions 9.6 through the latest. The vulnerability is a CSRF flaw in the 'Servers Configurations' function that guards several components (Elastic search Service, XTTS service, Petals service, vLLM service, Motion Ctrl service). The root cause is lack ...
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui
A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui
A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
LoLLMs Cross-Site Request Forgery Vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A cross-site request forgery vulnerability exists in LoLLMs version 9.6 and prior versions, which stems from a lack of cross-site request forgery protection in the Elastic Search Service, XTTS...