CVEs (2)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Javamelody Project 1Javamelody Nov 21, 2024 Sep 26, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java. |
1Javamelody Project 1Javamelody Nov 21, 2024 Jun 14, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. |