| 标题 | Lagom WHMCS Template ≤ 2.4.2 Denial of Service |
|---|
| 描述 | Lagom WHMCS Template Client-Side Denial of Service Vulnerability
The Lagom WHMCS Template bundles an outdated DataTables library containing a critical Denial of Service (DoS) vulnerability.
DataTables Memory Exhaustion: Rapid successive DataTable initializations with large datasets bypass memory bounds checking. The library processes massive row/cell string allocations without garbage collection limits or iteration caps, consuming gigabytes of RAM within seconds and forcing complete browser termination.
The vulnerability requires only JavaScript execution capability and results in immediate, permanent client application denial of service. Attackers can trigger crashes via console access, injected scripts, or chained XSS payloads. |
|---|
| 来源 | ⚠️ https://github.com/devsamuelsantiago/lagom-whmcs-dos-poc |
|---|
| 用户 | s4nnty (UID 95917) |
|---|
| 提交 | 2026-03-28 15時50分 (23 日前) |
|---|
| 管理 | 2026-04-19 15時57分 (22 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 358236 [Lagom WHMCS Template 直到 2.4.2 Datatables 拒绝服务] |
|---|
| 积分 | 20 |
|---|