A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms-webui in the latest version. This vulnerability allows an attacker to inject malicious scripts via chat messages, which are then executed in the context of the user's browser.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-06-27T18:46:17.563Z
Updated: 2024-06-28T15:07:33.248Z
Reserved: 2024-06-12T20:05:07.801Z
Link: CVE-2024-5933
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-06-27T19:15:17.840
Modified: 2024-06-27T19:25:12.067
Link: CVE-2024-5933
JSON object: View
Redhat Information
No data.
CWE