A vulnerability classified as problematic was found in parisneo lollms up to 9.6. Affected by this vulnerability is an unknown functionality of the component XTTS Server. The manipulation leads to cross-site request forgery.

This vulnerability is known as CVE-2024-4499. The attack can be launched remotely. There is no exploit available.