| Title | Lagom WHMCS Template ≤ 2.4.2 Denial of Service |
|---|
| Description | Lagom WHMCS Template Client-Side Denial of Service Vulnerability
The Lagom WHMCS Template bundles an outdated DataTables library containing a critical Denial of Service (DoS) vulnerability.
DataTables Memory Exhaustion: Rapid successive DataTable initializations with large datasets bypass memory bounds checking. The library processes massive row/cell string allocations without garbage collection limits or iteration caps, consuming gigabytes of RAM within seconds and forcing complete browser termination.
The vulnerability requires only JavaScript execution capability and results in immediate, permanent client application denial of service. Attackers can trigger crashes via console access, injected scripts, or chained XSS payloads. |
|---|
| Source | ⚠️ https://github.com/devsamuelsantiago/lagom-whmcs-dos-poc |
|---|
| User | s4nnty (UID 95917) |
|---|
| Submission | 03/28/2026 15:50 (23 days ago) |
|---|
| Moderation | 04/19/2026 15:57 (22 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 358236 [Lagom WHMCS Template up to 2.4.2 Datatables resource consumption] |
|---|
| Points | 20 |
|---|