Lollms
CVE-2024-4499
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Lifecycle Timeline
1DescriptionNVD
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS API requests. This issue can lead to the reading and writing of audio files and, when combined with other vulnerabilities, could allow for the reading of arbitrary files on the system and writing files outside the permitted audio file location.
AnalysisAI
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Request Forgery (CSRF) (CWE-352), which allows attackers to trick authenticated users into performing unintended actions. A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, which can then trigger arbitrary LoLLMS-XTTS API requests. This issue can lead to the reading and writing of audio files and, when combined with other vulnerabilities, could allow for the reading of arbitrary files on the system and writing files outside the permitted audio file location. Affected products include: Lollms. Version information: version 9.6.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Implement anti-CSRF tokens, validate Origin/Referer headers, use SameSite cookie attribute.
A path traversal vulnerability exists in the parisneo/lollms application, specifically within the `sanitize_path_from_en
Server-Side Request Forgery (SSRF) in parisneo/lollms versions before 2.2.0 allows unauthenticated remote attackers to m
A path traversal vulnerability exists in the parisneo/lollms application, affecting version 9.4.0 and potentially earlie
Unauthenticated file upload in parisneo/lollms versions ≤2.2.0 enables remote attackers to submit arbitrary files for te
A path traversal vulnerability exists in the api open_personality_folder endpoint of parisneo/lollms-webui. Rated medium
Authenticated users in parisneo/lollms (versions before 2.2.0) can hijack friend requests intended for other users throu
A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today