Vulnerabilities > Wiremock

DATE	CVE	VULNERABILITY TITLE	RISK
2023-12-29	CVE-2023-50069	Cross-site Scripting vulnerability in Wiremock 3.0.4 WireMock with GUI versions 3.2.0.0 through 3.0.4.0 are vulnerable to stored cross-site scripting (SXSS) through the recording feature. network low complexity wiremock CWE-79	6.1
2023-09-06	CVE-2023-39967	Server-Side Request Forgery (SSRF) vulnerability in Wiremock Studio WireMock is a tool for mocking HTTP services. network low complexity wiremock CWE-918 critical	10.0
2023-09-06	CVE-2023-41327	Server-Side Request Forgery (SSRF) vulnerability in Wiremock Studio and Wiremock WireMock is a tool for mocking HTTP services. low complexity wiremock CWE-918	5.4
2023-09-06	CVE-2023-41329	Authentication Bypass by Spoofing vulnerability in Wiremock products WireMock is a tool for mocking HTTP services. network high complexity wiremock CWE-290	6.6
2018-03-29	CVE-2018-9117	Path Traversal vulnerability in Wiremock WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal. network low complexity wiremock CWE-22	5.3
2018-03-29	CVE-2018-9116	XXE vulnerability in Wiremock An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service. network low complexity wiremock CWE-611 critical	9.1

Vulnerabilities > Wiremock {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wiremock"}]}