CVE-2026-1116 | parisneo lollms up to 2.1.x AppLollmsMessage from_dict content cross site scripting

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability was found in parisneo lollms up to 2.1.x and classified as problematic. The impacted element is the function from_dict of the component AppLollmsMessage. Such manipulation of the argument content leads to cross site scripting.

This vulnerability is referenced as CVE-2026-1116. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-1116 | parisneo lollms up to 2.1.x AppLollmsMessage from_dict content cross site scripting

Post correlati

CVE-2024-2849 | SourceCodester Simple File Manager 1.0 photo unrestricted upload

CVE-2022-48702 | Linux Kernel up to 5.19.8 ALSA snd_emu10k1_pcm_channel_alloc array index

CVE-2025-13778 | ABB AWIN GW100/AWIN GW120 2.0-0/2.0-1 missing authentication

CVE-2024-41161 | Vonets VGA-1000 up to 3.3.23.6.9 hard-coded credentials (icsa-24-214-08)