Description
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
Remediation
References
https://github.com/Hurdano/JavaMelody-XSS/wiki/Attack-Vector---JavaMelody
Related Vulnerabilities
CVE-2020-8132 Vulnerability in npm package pdf-image
CVE-2020-12668 Vulnerability in maven package com.hubspot.jinjava:jinjava
CVE-2022-36888 Vulnerability in maven package com.datapipe.jenkins.plugins:hashicorp-vault-plugin
CVE-2021-23392 Vulnerability in npm package locutus
CVE-2022-25855 Vulnerability in npm package create-choo-app3