6 matches found
CVE-2024-4839
A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
CVE-2024-4839
A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui
A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
CVE-2024-4839 CSRF in Servers Configurations in parisneo/lollms-webui
A Cross-Site Request Forgery CSRF vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service under construction, XTTS service, Petals service, vLLM service, and Motion Ctrl service,...
CVE-2024-4839
CVE-2024-4839 affects parisneo/lollms-webui, versions 9.6 through the latest. The vulnerability is a CSRF flaw in the 'Servers Configurations' function that guards several components (Elastic search Service, XTTS service, Petals service, vLLM service, Motion Ctrl service). The root cause is lack ...
LoLLMs Cross-Site Request Forgery Vulnerability
LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A cross-site request forgery vulnerability exists in LoLLMs version 9.6 and prior versions, which stems from a lack of cross-site request forgery protection in the Elastic Search Service, XTTS...