You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
description: "Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser."
and "<svg onload=alert(document.domain)>" in {check.response.body}
and "java.lang.IllegalArgumentException" in {check.response.body}
and "No type with name" in {check.response.body}
and "text/html" in {check.response.headers} then
report issue:
severity: medium
confidence: certain
detail: `Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser.`
remediation: "Upgrade Jolokia to the latest version"