CVE-2024-6985 | parisneo lollms-webui up to 5.8.x open_personality_folder path traversal
A vulnerability was found in parisneo lollms-webui up to 5.8.x. It has been declared as problematic. This vulnerability affects the function open_personality_folder. The manipulation of the argument personality_folder leads to relative path traversal.
This vulnerability was named CVE-2024-6985. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.