Skip to main content

Parisneo Lollms CVE-2026-1115

| EUVDEUVD-2026-21320 CRITICAL
Cross-site Scripting (XSS) (CWE-79)
2026-04-10 @huntr_ai GHSA-8wrq-fv5f-pfp2
9.6
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
9.6 CRITICAL
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

5
Re-analysis Queued
Apr 16, 2026 - 19:52 vuln.today
cvss_changed
Patch released
Apr 11, 2026 - 02:30 nvd
Patch available
EUVD ID Assigned
Apr 10, 2026 - 07:00 euvd
EUVD-2026-21320
Analysis Generated
Apr 10, 2026 - 07:00 vuln.today
CVE Published
Apr 10, 2026 - 06:23 nvd
CRITICAL 9.6

DescriptionCVE.org

A Stored Cross-Site Scripting (XSS) vulnerability was identified in the social feature of parisneo/lollms, affecting the latest version prior to 2.2.0. The vulnerability exists in the create_post function within backend/routers/social/__init__.py, where user-provided content is directly assigned to the DBPost model without sanitization. This allows attackers to inject and store malicious JavaScript, which is executed in the browsers of users viewing the Home Feed, including administrators. This can lead to account takeover, session hijacking, and wormable attacks. The issue is resolved in version 2.2.0.

AnalysisAI

Stored cross-site scripting in parisneo/lollms versions prior to 2.2.0 enables unauthenticated attackers to inject malicious JavaScript through unsanitized social post content in the create_post function. Injected scripts execute in victims' browsers when viewing the Home Feed, enabling account takeover, session hijacking, and wormable propagation across the platform. The CVSS vector indicates network-accessible exploitation requiring user interaction, with scope change allowing cross-domain impact. No public exploit identified at time of analysis, but low attack complexity increases weaponization risk.

Technical ContextAI

Root cause lies in direct assignment of user-controlled input to DBPost model within backend/routers/social/__init__.py without HTML entity encoding or content security policy enforcement. CWE-79 stored variant allows persistent payload delivery. Scope change (S:C) in CVSS vector indicates DOM trust boundary violation enabling attacks beyond the vulnerable component's security context.

RemediationAI

Vendor-released patch: version 2.2.0 resolves the vulnerability through input sanitization in the create_post function. Organizations should immediately upgrade to 2.2.0 or later via standard package management. Verify installation from official repository at https://github.com/parisneo/lollms. The specific remediation commit 9767b882dbc893c388a286856beeaead69b8292a implements output encoding for user-generated content. If immediate upgrade is infeasible, disable social posting features or implement web application firewall rules filtering script tags in POST request bodies to /social endpoints. Consult vendor advisory at https://huntr.com/bounties/099aa4fe-7165-4337-889c-3fb4f1aa71aa for additional context.

Share

CVE-2026-1115 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy