net.bull.javamelody:javamelody-core@1.41.0 vulnerabilities
-
latest version
2.1.0
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
2 months ago
-
licenses detected
- [1.8.1,1.50.0)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the net.bull.javamelody:javamelody-core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
net.bull.javamelody:javamelody-core is a JavaEE application monitoring module. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? Upgrade |
[,1.61.0)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. There was no escaping of |
[1.36.0,1.60.0)
|
Cross-site Scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header. |
[,1.46.0)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. It allows remote attackers to inject arbitrary web script or HTML via a crafted http parameters. |
[1.36.0,1.62.0)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. Alert messages in |
[1.36.0,1.61.0)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks. |
[,1.53.0)
|