"jolokia" — Vulnerability Search

3 vulnerabilities found for “jolokia”

CVE-2018-10899

A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.

jolokia / jolokia+1

Network

Published Aug 1, 2019

CVE-2018-1000129

MEDIUM6.1

An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser.

jolokia / jolokia

Network

Published Mar 14, 2018

CVE-2018-1000130

HIGH8.1

A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.

jolokia / webarchive_agent

Network

Published Mar 14, 2018

Search Vulnerabilities