A Cross-site Scripting (XSS) vulnerability exists in the...
Moderate severity
Unreviewed
Published
Jun 27, 2024
to the GitHub Advisory Database
•
Updated Jun 27, 2024
Description
Published by the National Vulnerability Database
Jun 27, 2024
Published to the GitHub Advisory Database
Jun 27, 2024
Last updated
Jun 27, 2024
A Cross-site Scripting (XSS) vulnerability exists in the chat functionality of parisneo/lollms-webui in the latest version. This vulnerability allows an attacker to inject malicious scripts via chat messages, which are then executed in the context of the user's browser.
References