4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
71.8%
Multiple cross-site scripting (XSS) vulnerabilities in JAMon (Java
Application Monitor) 2.7 and earlier allow remote attackers to inject
arbitrary web script or HTML via the (1) listenertype or (2)
currentlistener parameter to mondetail.jsp or ArraySQL parameter to (3)
mondetail.jsp, (4) jamonadmin.jsp, (5) sql.jsp, or (6) exceptions.jsp.
Author | Note |
---|---|
mdeslaur | jamon.war/JAMon web apps gets excluded by debian/orig-tar.sh |