Page 2 of 11 results (0.002 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3135 – Cross-Site Request Forgery (CSRF) Vulnerability in mudler/localai
https://notcve.org/view.php?id=CVE-2024-3135
01 Apr 2024 — A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions on the victim's local LocalAI instance without their consent. This vulnerability enables attackers to exhaust system resources, consume credits, and fill disk space by making numerous resource-intensive API calls, such as generating images or uploading files. The vulnerability stems from the application's accep... • https://github.com/KTN1990/CVE-2024-31351_wordpress_exploit • CWE-352: Cross-Site Request Forgery (CSRF) •