10Nis
CVE-2024-1520 | parisneo lollms-webui up to 9.0 /open_code_folder discussion_id os command injection
A vulnerability classified as very critical has been found in parisneo lollms-webui up to 9.0. This affects an unknown part of the file /open_code_folder. The manipulation of the argument discussion_id leads to os command injection. This vulnerability is uniquely identified as CVE-2024-1520. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.