Maven package
org.apache.geode/geode-web-api
pkg:maven/org.apache.geode/geode-web-api
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-44088 | — | >= 1.1.0, < 1.15.2 | 1.15.2 | Oct 14, 2025 | Malicious script injection ('Cross-site Scripting') vulnerability in Apache Geode web-api (REST). This vulnerability allows an attacker that tricks a logged-in user into clicking a specially-crafted link to execute code on the returned page, which could lead to theft of the user' |
- CVE-2024-44088Oct 14, 2025affected >= 1.1.0, < 1.15.2fixed 1.15.2
Malicious script injection ('Cross-site Scripting') vulnerability in Apache Geode web-api (REST). This vulnerability allows an attacker that tricks a logged-in user into clicking a specially-crafted link to execute code on the returned page, which could lead to theft of the user'