CVE-2024-2288

06.06.2024, 19:15

A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without their consent, potentially leading to a denial of service by overloading the filesystem with files. Additionally, this flaw can be exploited to perform a stored cross-site scripting (XSS) attack, enabling attackers to execute arbitrary JavaScript in the context of the victim's browser session. The issue is resolved in version 9.3.

CSRF

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.3 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
@huntr_ai	CNA	8.3 HIGH	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H
CISA-ADP	ADP	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 17%

Vendor	Product	Version
lollms	lollms_web_ui	𝑥 < 9.3

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-352 - Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References

https://github.com/parisneo/lollms-webui/commit/ed085e6effab2b1e25ba2b00366a16ff67d8551b

https://huntr.com/bounties/2a37ae0c-890a-401a-8f3c-a261f3006290

https://github.com/parisneo/lollms-webui/commit/ed085e6effab2b1e25ba2b00366a16ff67d8551b

https://huntr.com/bounties/2a37ae0c-890a-401a-8f3c-a261f3006290