CVE-2024-5933
CVSS V2 None
CVSS V3 None
Description
A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms-webui in the latest version. This vulnerability allows an attacker to inject malicious scripts via chat messages, which are then executed in the context of the user's browser.
Overview
- CVE ID
- CVE-2024-5933
- Assigner
- @huntr_ai
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-06-27T18:46:17.563Z
- Last Modified Date
- 2024-06-27T18:46:17.563Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://huntr.com/bounties/51a2e370-3b64-45cd-9afc-0e4856ab5517 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-5933 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5933 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-28 13:07:19 | Added to TrackCVE |