• caglararli@hotmail.com
  • 05386281520

CVE-2024-1520 | parisneo lollms-webui up to 9.0 /open_code_folder discussion_id os command injection

Çağlar Arlı      -    79 Views

CVE-2024-1520 | parisneo lollms-webui up to 9.0 /open_code_folder discussion_id os command injection

A vulnerability classified as very critical has been found in parisneo lollms-webui up to 9.0. This affects an unknown part of the file /open_code_folder. The manipulation of the argument discussion_id leads to os command injection. This vulnerability is uniquely identified as CVE-2024-1520. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.