CVE-2023-50069
- EPSS 0.59%
- Veröffentlicht 29.12.2023 21:15:08
- Zuletzt bearbeitet 21.11.2024 08:36:30
WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. An attacker can host a malicious payload and perform a test mapping pointing to the attacker's file, and the result...
CVE-2023-41327
- EPSS 0.12%
- Veröffentlicht 06.09.2023 21:15:14
- Zuletzt bearbeitet 21.11.2024 08:21:04
WireMock is a tool for mocking HTTP services. WireMock can be configured to only permit proxying (and therefore recording) to certain addresses. This is achieved via a list of allowed address rules and a list of denied address rules, where the allowe...
CVE-2023-41329
- EPSS 0.17%
- Veröffentlicht 06.09.2023 21:15:14
- Zuletzt bearbeitet 21.11.2024 08:21:05
WireMock is a tool for mocking HTTP services. The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in Preventing proxying to and recording from specific target addresses. These restrictions can be conf...
CVE-2018-9116
- EPSS 1.09%
- Veröffentlicht 29.03.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:59
An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service.
CVE-2018-9117
- EPSS 0.69%
- Veröffentlicht 29.03.2018 07:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:59
WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal.