CVE-2024-4328 | parisneo lollms-webui up to 9.6 Requests clear_personality_files_list cross-site request forgery

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability, which was classified as problematic, was found in parisneo lollms-webui up to 9.6. This affects the function clear_personality_files_list of the component Requests Handler. The manipulation leads to cross-site request forgery.

This vulnerability is uniquely identified as CVE-2024-4328. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-4328 | parisneo lollms-webui up to 9.6 Requests clear_personality_files_list cross-site request forgery

Related Posts

CVE-2021-34965 | Foxit PDF Editor 11.0.0.49893 Squiggly Annotation use after free (ZDI-21-1196)

CVE-2024-44334 | D-Link DI-7400G+V2 24.04.18 CGI upgrade_filter.asp Privilege Escalation

CVE-2024-35698 | YITH WooCommerce Tab Manager Plugin up to 1.35.0 on WordPress cross site scripting

CVE-2023-48417 | Google Android KeyChainActivity App permission