Unauthenticated attackers can exploit a weakness in the XML parser functionality of Lobster_pro prior to version 4.12.6-GA. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation1 reference(s) from NVD