Javamelody Project: Security Vulnerabilities
JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.
CVSS Score
9.8
EPSS Score
0.196
Published
2018-09-26
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-14