Headline
GHSA-cqhr-jqvc-qw9p: Java Melody vulnerable to cross-site scripting
JavaMelody is a monitoring tool for JavaEE applications. Versions prior to 1.61.0 are vulnerable to a cross-site scripting (XSS) attack. This issue was patched in version 1.61.0, and users are recommended to upgrade to the latest version. There are no known workarounds.
Java Melody vulnerable to cross-site scripting
Critical severity GitHub Reviewed Published Jul 20, 2022 • Updated Jul 20, 2022