CVE-2024-13971

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Apr 30, 2026

Vendor unknown

Description

Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.

References

https://www.schutzwerk.com/en/blog/schutzwerk-sa-2024-005/