216.73.217.98

CVE-2024-5933

· Published 27/06/2024 19:15 · Modified 27/06/2024 19:25

Labels: CVE-2024-5933 2024-06-27CVE-2024-5933CWE-79[email protected]

Essential information

Published
27/06/2024 19:15
Modified
27/06/2024 19:25
Author
Creator
CVSS
6.1 MEDIUM (v3.0)
CISA KEV
No
CWE
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS metrics

Description

A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms-webui in the latest version. This vulnerability allows an attacker to inject malicious scripts via chat messages, which are then executed in the context of the user's browser.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References