Описание
Java Melody vulnerable to cross-site scripting
JavaMelody is a monitoring tool for JavaEE applications. Versions prior to 1.61.0 are vulnerable to a cross-site scripting (XSS) attack. This issue was patched in version 1.61.0, and users are recommended to upgrade to the latest version. There are no known workarounds.
Пакеты
Наименование
net.bull.javamelody:javamelody-core
maven
Затронутые версииВерсия исправления
< 1.61.0
1.61.0