PatchSiren cyber security CVE debrief
CVE-2026-12228 parisneo CVE debrief
CVE-2026-12228 is a stored cross-site scripting (XSS) vulnerability in the `POST /api/prompts/share` endpoint of parisneo/lollms. The endpoint stores attacker-controlled `prompt_content` into `DBDirectMessage.content` without server-side sanitization. When a victim opens the direct message (DM) thread, the message is rendered by the DM UI through `MessageContentRenderer`, which uses `v-html` to insert rendered HTML into the DOM. The frontend sanitizer, which is regex-based, fails to comprehensively sanitize attacker-controlled HTML, allowing malicious payloads to execute in the victim's browser context.
- Vendor
- parisneo
- Product
- parisneo/lollms
- CVSS
- HIGH 8.7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-18
- Original CVE updated
- 2026-07-18
- Advisory published
- 2026-07-18
- Advisory updated
- 2026-07-18
Who should care
Users of parisneo/lollms, particularly those hosting the application, should be aware of this vulnerability. An authenticated user can send a malicious prompt-share message to another user's inbox, leading to arbitrary JavaScript execution, authenticated actions as the victim, exposure of same-origin application data, and potential account takeover.
Technical summary
The vulnerability exists in the `POST /api/prompts/share` endpoint of parisneo/lollms. The endpoint stores attacker-controlled `prompt_content` into `DBDirectMessage.content` without server-side sanitization. The frontend sanitizer fails to comprehensively sanitize attacker-controlled HTML, allowing malicious payloads to execute in the victim's browser context. This enables any authenticated user to send a malicious prompt-share message to another user's inbox, leading to arbitrary JavaScript execution.
Defensive priority
High
Recommended defensive actions
- Apply the vendor's official patch or upgrade to a patched version.
- Implement additional input validation and sanitization for user-controlled input.
- Monitor for suspicious activity, such as unusual login attempts or changes to user accounts.
- Consider implementing a web application firewall (WAF) to detect and prevent XSS attacks.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The vulnerability was reported by [email protected] and is tracked as CVE-2026-12228. The NVD entry is currently Received. This stored cross-site scripting (XSS) vulnerability exists in the `POST /api/prompts/share` endpoint of parisneo/lollms. The endpoint stores attacker-controlled `prompt_content` into `DBDirectMessage.content` without server-side sanitization. When a victim opens the direct message (DM) thread, the message is rendered by the DM UI through `MessageContentRenderer`, which uses `v-html` to insert rendered HTML into the DOM. The frontend sanitizer, which is regex-based, fails to comprehensively sanitize attacker-controlled HTML, allowing malicious payloads to execute in the victim's browser context. Users of parisneo/lollms, particularly those hosting the application, should be aware of this vulnerability. An authenticated user can send a malicious prompt-share message to another user's inbox, leading to arbitrary JavaScript execution, authenticated actions as the victim, exposure of same-origin application data, and potential account takeover.
Official resources
-
CVE-2026-12228 CVE record
CVE.org
-
CVE-2026-12228 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-18T21:17:03.040Z and has not been modified since then. The NVD entry is currently Received.