Javamelody Project Javamelody vulnerabilities
2 known vulnerabilities affecting javamelody_project/javamelody.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2018-15531P3CRITICALCVSS 9.8fixed in 1.74.02018-09-26
CVE-2018-15531 [CRITICAL] CWE-611 CVE-2018-15531: JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrappe
JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.
nvd
CVE-2018-12432P4MEDIUMCVSS 6.1≤ 1.60.02018-06-14
CVE-2018-12432 [MEDIUM] CWE-79 CVE-2018-12432: JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monito
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
nvd