CVE-2018-8032
published 2018-08-02CVE-2018-8032: Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Affected
82 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | axis | >= 0 < 1.4-28 | 1.4-28 |
| apache | axis | >= 0 < 1.4-28 | 1.4-28 |
| apache | axis | >= 0 < 1.4-28 | 1.4-28 |
| apache | axis | >= 0 < 1.4-28 | 1.4-28 |
| apache | axis | 1.0 – 1.4 | — |
| apache_software_foundation | apache_axis | — | — |
| debian | axis | < axis 1.4-28 (bookworm) | axis 1.4-28 (bookworm) |
| debian | debian_linux | — | — |
| oracle | agile_engineering_data_management | — | — |
| oracle | agile_product_lifecycle_management | — | — |
| oracle | application_testing_suite | — | — |
| oracle | application_testing_suite | — | — |
| oracle | big_data_discovery | — | — |
| oracle | communications_asap_cartridges | — | — |
| oracle | communications_asap_cartridges | — | — |
| oracle | communications_design_studio | — | — |
| oracle | communications_design_studio | — | — |
| oracle | communications_design_studio | — | — |
| oracle | communications_design_studio | — | — |
| oracle | communications_element_manager | — | — |
| oracle | communications_element_manager | — | — |
| oracle | communications_element_manager | — | — |
| oracle | communications_element_manager | — | — |
| oracle | communications_network_integrity | — | — |
| oracle | communications_network_integrity | — | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM