CVE-2018-1000129

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1000129

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000129.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1000129

Aliases

GHSA-hfpg-gqjw-779m

Published

2018-03-14T13:29:00Z

Modified

2024-05-14T06:15:25.468058Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.

References

Affected packages

Git / github.com/jolokia/jolokia

Affected ranges

Type: GIT
Repo: https://github.com/jolokia/jolokia
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5895d5c137c335e6b473e9dcb9baf748851bbc5f

Type: GIT
Repo: https://github.com/rhuss/jolokia
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

62063241d69071cbb0f2de400e55e03e182d48f0

Affected versions

v0.*

v0.80

v0.81

v0.82

v0.83

v0.90

v0.91

v0.95

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.1.5

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.4.0