Skip to main content

Lumis Experience Platform

1 CVEs product

Monthly

CVE-2021-27931 CRITICAL POC THREAT Act Now

LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service XXE Lumis Experience Platform
NVD GitHub
CVSS 3.1
9.1
EPSS
18.6%
EPSS 19% CVSS 9.1
CRITICAL POC THREAT Act Now

LumisXP (aka Lumis Experience Platform) before 10.0.0 allows unauthenticated blind XXE via an API request to PageControllerXml.jsp. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service XXE Lumis Experience Platform
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy