First published: Thu Jun 27 2024(Updated: )
A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms-webui in the latest version. This vulnerability allows an attacker to inject malicious scripts via chat messages, which are then executed in the context of the user's browser.
Credit: security@huntr.dev
Affected Software | Affected Version | How to fix |
---|---|---|
Parisneo Lollms |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-5933 is rated as a high severity Cross-site Scripting (XSS) vulnerability.
To fix CVE-2024-5933, you should update to the latest version of parisneo/lollms-webui that includes the patch for this vulnerability.
CVE-2024-5933 is a Cross-site Scripting (XSS) vulnerability affecting the chat functionality.
CVE-2024-5933 affects users of the parisneo/lollms-webui application.
CVE-2024-5933 can be exploited by an attacker injecting malicious scripts into chat messages, leading to execution in the user's browser.