6.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2024-6581

GHSA ID

GHSA-cm59-8rmv-f2cj

EPSS Score

0.63922%

CWE

CWE-79

Published

10/29/2024

Updated

11/4/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-6581

CVE-2024-6581: Lollms vulnerable to Cross-site Scripting

A vulnerability in the discussion image upload function of the Lollms application, version v9.9, allows for the uploading of SVG files. Due to incomplete filtering in the sanitize_svg function, this can lead to cross-site scripting (XSS) vulnerabilities, which in turn pose a risk of remote code execution. The sanitize_svg function only removes script elements and 'on*' event attributes, but does not account for other potential vectors for XSS within SVG files. This vulnerability can be exploited when authorized users access a malicious URL containing the crafted SVG file.

(GitHub Advisory)

6.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2024-6581

GHSA ID

GHSA-cm59-8rmv-f2cj

EPSS Score

0.63922%

CWE

CWE-79

Published

10/29/2024

Updated

11/4/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
lollms	pip	<= 9.5.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly identifies the sanitize_svg function as having incomplete filtering. The commit diff shows this function was modified to add allow-listing of elements/attributes and switch to defusedxml, confirming it was the vulnerable component. The CWE-79 classification and XSS exploitation vector directly map to insufficient sanitization in this SVG processing function. No other functions are mentioned in the vulnerability context or patch changes related to SVG handling.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* vuln*r**ility in t** *is*ussion im*** uplo** *un*tion o* t** Lollms *ppli**tion, v*rsion v*.*, *llows *or t** uplo**in* o* SV* *il*s. *u* to in*ompl*t* *ilt*rin* in t** s*nitiz*_sv* *un*tion, t*is **n l*** to *ross-sit* s*riptin* (XSS) vuln*r**ilit

Reasoning

T** vuln*r**ility **s*ription *xpli*itly i**nti*i*s t** s*nitiz*_sv* *un*tion *s **vin* in*ompl*t* *ilt*rin*. T** *ommit *i** s*ows t*is *un*tion w*s mo*i*i** to *** *llow-listin* o* *l*m*nts/*ttri*ut*s *n* swit** to ***us**xml, *on*irmin* it w*s t**

6.5

Basic Information

Concerned about an active attack path?

CVE-2024-6581: Lollms vulnerable to Cross-site Scripting

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI