A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage). CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-11455 User=admin}