CVE-2018-15531

Published: Sep 27, 2018
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2018-15531" target="_blank" rel="noopener"> CVE-2018-15531
GHSA: <a href="https://github.com/advisories/GHSA-6fvx-r7hx-3vh6" target="_blank" rel="noopener"> GHSA-6fvx-r7hx-3vh6
Severity: Critical
Exploit:

JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
javamelody_project / javamelody	-	1.74.0
net.bull.javamelody / javamelody-core	-	1.74.0

Vulnerability Database