Description

An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.

Remediation

References

CVE-2018-1000129

Related Vulnerabilities

WordPress Plugin WP ULike Cross-Site Scripting (3.1)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5272)

WordPress Plugin Contact Form 7 Cross-Site Scripting (4.0.1)

WordPress Plugin Ultimate Maps by Supsystic Cross-Site Scripting (1.2.4)

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2025-23209)

Severity

Medium

Classification

CVE-2018-1000129 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities