CVE-2024-2288

CSRF File Upload Vulnerability in parisneo/lollms-webui

Severity Score

8.3

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload functionality of the Lollms application, specifically in the parisneo/lollms-webui repository, affecting versions up to 7.3.0. This vulnerability allows attackers to change a victim's profile picture without their consent, potentially leading to a denial of service by overloading the filesystem with files. Additionally, this flaw can be exploited to perform a stored cross-site scripting (XSS) attack, enabling attackers to execute arbitrary JavaScript in the context of the victim's browser session. The issue is resolved in version 9.3.

Existe una vulnerabilidad de Cross-Site Request Forgery (CSRF) en la funcionalidad de carga de imágenes de perfil de la aplicación Lollms, específicamente en el repositorio parisneo/lollms-webui, que afecta a las versiones hasta 7.3.0. Esta vulnerabilidad permite a los atacantes cambiar la imagen de perfil de una víctima sin su consentimiento, lo que podría provocar una denegación de servicio al sobrecargar el sistema de archivos con archivos. Además, esta falla se puede aprovechar para realizar un ataque de Cross-site Scripting (XSS) almacenado, lo que permite a los atacantes ejecutar JavaScript arbitrario en el contexto de la sesión del navegador de la víctima. El problema se resuelve en la versión 9.3.

*Credits: N/A

CVSS Scores

huntr.devv3 8.3

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-01-25 First Exploit
2024-03-07 CVE Reserved
2024-06-06 CVE Published
2024-08-01 CVE Updated
2024-10-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-352: Cross-Site Request Forgery (CSRF)

CAPEC

References (3)

URL	Tag	Source
https://github.com/parisneo/lollms-webui/commit/ed085e6effab2b1e25ba2b00366a16ff67d8551b
https://huntr.com/bounties/2a37ae0c-890a-401a-8f3c-a261f3006290

URL	Date	SRC
https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9	2024-01-25

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
-		-				-		-		-