Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Jun 2024, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:01
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-08-02 13:29
Updated : 2024-06-21 19:15
NVD link : CVE-2018-8032
Mitre link : CVE-2018-8032
CVE.ORG link : CVE-2018-8032
JSON object : View
Products Affected
oracle
- communications_asap_cartridges
- internet_directory
- financial_services_compliance_regulatory_reporting
- policy_automation_connector_for_siebel
- primavera_gateway
- communications_network_integrity
- real-time_decision_server
- peoplesoft_enterprise_human_capital_management_human_resources
- primavera_unifier
- enterprise_manager_base_platform
- communications_session_route_manager
- agile_product_lifecycle_management_framework
- application_testing_suite
- big_data_discovery
- retail_order_broker
- retail_xstore_point_of_service
- tuxedo
- hospitality_guest_access
- communications_element_manager
- communications_order_and_service_management
- peoplesoft_enterprise_peopletools
- siebel_ui_framework
- knowledge
- enterprise_manager_for_fusion_middleware
- rapid_planning
- financial_services_analytical_applications_infrastructure
- financial_services_funds_transfer_pricing
- endeca_information_discovery_studio
- agile_engineering_data_management
- flexcube_private_banking
- webcenter_portal
- secure_global_desktop
- instantis_enterprisetrack
- flexcube_core_banking
- communications_design_studio
- communications_session_report_manager
apache
- axis
debian
- debian_linux
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')