Severity: Important Affected versions:
- Apache HertzBeat (org.apache.hertzbeat:hertzbeat-collector) 1.7.1 before 1.8.0
Description:
Improper Neutralization of Data within XPath Expressions ('XPath Injection')
vulnerability in Apache HertzBeat.
This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0.
Users are recommended to upgrade to version 1.8.0, which fixes the issue.
References:
https://hertzbeat.apache.org
https://www.cve.org/CVERecord?id=CVE-2026-24343
