LumisXP 漏洞列表
共找到 4 个与 LumisXP 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-27931: LumisXP <10.0.0 - Blind XML External Entity Attack POC
LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XML external entity (XXE) attacks via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service. -
CVE-2024-33326: LumisXP - Cross-site Scripting POC
A cross-site scripting (XSS) vulnerability in the XsltResultControllerHtml.jsp component of LumisXP v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via the lumPageID parameter. -
CVE-2021-27931: LumisXP <10.0.0 - Blind XML External Entity Attack POC
LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XML external entity (XXE) attacks via an API request to PageControllerXml.jsp. One can send a request crafted with an XXE payload and achieve outcomes such as reading local server files or denial of service. -
CVE-2024-33326: LumisXP - Cross-site Scripting POC
A cross-site scripting (XSS) vulnerability in the XsltResultControllerHtml.jsp component of LumisXP v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via the lumPageID parameter.