VYPR
Moderate severityNVD Advisory· Published Sep 30, 2013· Updated Jun 16, 2026

CVE-2013-4378

CVE-2013-4378

Description

Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-For header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
net.bull.javamelody:javamelody-coreMaven
< 1.47.01.47.0

Affected products

43
  • cpe:2.3:a:emeric_vernat:javamelody:*:*:*:*:*:*:*:*+ 41 more
    • cpe:2.3:a:emeric_vernat:javamelody:*:*:*:*:*:*:*:*range: <=1.46
    • cpe:2.3:a:emeric_vernat:javamelody:1.10:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.11:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.12:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.13:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.14:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.15:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.16:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.17:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.18:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.19:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.20:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.21:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.22:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.23:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.24:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.25:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.26:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.27:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.28:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.29:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.30:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.31:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.32:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.32.1:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.33:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.34:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.35:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.36:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.37:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.38:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.39:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.40:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.41:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.42:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.43:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.44:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.45:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:emeric_vernat:javamelody:1.9:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.