VYPR

Maven package

org.apache.geode/geode-web-api

pkg:maven/org.apache.geode/geode-web-api

Vulnerabilities (1)

  • CVE-2024-44088Oct 14, 2025
    affected >= 1.1.0, < 1.15.2fixed 1.15.2

    Malicious script injection ('Cross-site Scripting') vulnerability in Apache Geode web-api (REST). This vulnerability allows an attacker that tricks a logged-in user into clicking a specially-crafted link to execute code on the returned page, which could lead to theft of the user'