net.bull.javamelody:javamelody-core@1.14.0 vulnerabilities
-
latest version
2.1.0
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
2 months ago
-
licenses detected
- [1.8.1,1.50.0)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the net.bull.javamelody:javamelody-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
net.bull.javamelody:javamelody-core is a JavaEE application monitoring module. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? Upgrade |
[,1.61.0)
|
Cross-site Scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header. |
[,1.46.0)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. |
[,1.53.0)
|