EUVD-2023-42476

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Lucee Server is vulnerable to RCE via XML XXE attack; fixed in versions 5.4.3.2 and others.

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-38693	5 Mar 202518:37	–	circl
CNNVD	Lucee 代码问题漏洞	5 Mar 202500:00	–	cnnvd
CVE	CVE-2023-38693	5 Mar 202515:37	–	cve
Cvelist	CVE-2023-38693 RCE in Lucee REST endpoint	5 Mar 202515:37	–	cvelist
Github Security Blog	Lucee RCE/XXE Vulnerability	5 Mar 202518:31	–	github
NVD	CVE-2023-38693	5 Mar 202516:15	–	nvd
OSV	CVE-2023-38693 RCE in Lucee REST endpoint	5 Mar 202515:37	–	osv
OSV	GHSA-VWJX-MMWM-PWRF Lucee RCE/XXE Vulnerability	5 Mar 202518:31	–	osv
RedhatCVE	CVE-2023-38693	7 Mar 202515:41	–	redhatcve
Snyk	XML External Entity (XXE) Injection	5 Mar 202518:31	–	snyk

[
  {
    "enisaIdVendor": [
      {
        "id": "dbbeb617-bd49-33a1-b1da-f74b980c6c73",
        "vendor": {
          "name": "lucee"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "4c061d71-2e9c-3c92-a487-fc535d24986e",
        "product": {
          "name": "Lucee"
        },
        "product_version": "5.3.8.0, < 5.3.8.236"
      },
      {
        "id": "4f837226-41dc-3d0e-a57a-86de2df9e993",
        "product": {
          "name": "Lucee"
        },
        "product_version": "5.3.9.0, < 5.3.9.173"
      },
      {
        "id": "5b0c3bab-5017-326a-b51c-376080f7c49e",
        "product": {
          "name": "Lucee"
        },
        "product_version": "5.4.0.0, < 5.4.3.2"
      },
      {
        "id": "c1452041-fdb2-3d0f-a055-98b5561a956e",
        "product": {
          "name": "Lucee"
        },
        "product_version": "< 5.3.7.59"
      },
      {
        "id": "f7a62ce2-948e-3642-8529-14c6ea048e90",
        "product": {
          "name": "Lucee"
        },
        "product_version": "5.3.12.0, < 5.3.12.1"
      }
    ]
  }
]

Source	Link
github	www.github.com/lucee/Lucee/security/advisories/GHSA-vwjx-mmwm-pwrf
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-38693

03 Oct 2025 20:07Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.19.8

EPSS0.00294

SSVC