DataTables
cpe:2.3:a:datatables:datatables.net:*:*:*:*:node.js:*:*
- <= 1.10.12
A denial-of-service vulnerability has been identified in the Lagom WHMCS Template, affecting versions through 2.4.2. The issue arises from the DataTables component, which allows resource exhaustion due to improper memory management. The vulnerability can be exploited remotely and has been publicly disclosed, with a proof-of-concept exploit available.
Exploitation of this vulnerability leads to complete browser denial-of-service, causing the application to crash and terminate.
The vulnerability can be reproduced by initializing the DataTables component multiple times in quick succession with large datasets. This can be done by executing a script in the browser console that creates DataTables instances with excessive row and cell data, bypassing memory limits and causing the browser to crash.