CVE-2024-4328 | parisneo lollms-webui up to 9.6 Requests clear_personality_files_list cross-site request forgery

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability, which was classified as problematic, was found in parisneo lollms-webui up to 9.6. This affects the function clear_personality_files_list of the component Requests Handler. The manipulation leads to cross-site request forgery.

This vulnerability is uniquely identified as CVE-2024-4328. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-4328 | parisneo lollms-webui up to 9.6 Requests clear_personality_files_list cross-site request forgery

Related Posts

CVE-2024-41237 | Kashipara Responsive School Management System 1.0 /smsa/teacher_login.php username sql injection

CVE-2024-5218 | Reviews and Rating Plugin up to 5.2 on WordPress cross site scripting

CVE-2024-1278 | Easy Social Feed Plugin up to 6.5.4 on WordPress Shortcode cross site scripting

CVE-2024-0990 | Tenda i6 1.0.0.9(3857) httpd /goform/setAutoPing formSetAutoPing ping1 stack-based overflow