CVE-2024-4328

A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such as deleting important files on the system. The issue is present in the application's handling of requests, making it susceptible to CSRF attacks that could lead to unauthorized actions being performed on behalf of the user.

CVSS v3 8.1 HIGH

8.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:parisneo:lollms_web_ui:9.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-06-10 08:15

Updated : 2024-06-12 19:33

NVD link : CVE-2024-4328

Mitre link : CVE-2024-4328

CVE.ORG link : CVE-2024-4328

JSON object : View

Products Affected

parisneo

lollms_web_ui

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2024-4328", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.5}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2024-06-10T08:15:51.730", "references": [{"url": "https://huntr.com/bounties/0f4faadf-ebca-4ef8-9d8a-66dbd849c0f8", "tags": ["Exploit"], "source": "security@huntr.dev"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list function of the parisneo/lollms-webui v9.6. The vulnerability arises from the use of a GET request to clear personality files list, which lacks proper CSRF protection. This flaw allows attackers to trick users into performing actions without their consent, such as deleting important files on the system. The issue is present in the application's handling of requests, making it susceptible to CSRF attacks that could lead to unauthorized actions being performed on behalf of the user."}, {"lang": "es", "value": "Existe una vulnerabilidad de Cross-Site Request Forgery (CSRF) en la funci\u00f3n clear_personality_files_list de parisneo/lollms-webui v9.6. La vulnerabilidad surge del uso de una solicitud GET para borrar la lista de archivos de personalidad, que carece de la protecci\u00f3n CSRF adecuada. Esta falla permite a los atacantes enga\u00f1ar a los usuarios para que realicen acciones sin su consentimiento, como eliminar archivos importantes del sistema. El problema est\u00e1 presente en el manejo de solicitudes por parte de la aplicaci\u00f3n, lo que la hace susceptible a ataques CSRF que podr\u00edan llevar a la realizaci\u00f3n de acciones no autorizadas en nombre del usuario."}], "lastModified": "2024-06-12T19:33:00.527", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:parisneo:lollms_web_ui:9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "525C477F-F133-44B9-A0BC-43C1080D35F1"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}