CVE-2018-8032 (agile_engineering_data_management, agile_product_lifecycle_management_framework, application_testing_suite, axis, big_data_discovery, communications_asap_cartridges, communications_design_studio, communications_element_manager, communications_network_integrity, communications_order_and_service_management, communications_session_report_manager, communications_session_route_manager, endeca_information_discovery_studio, enterprise_manager_base_platform, enterprise_manager_for_fusion_middleware, financial_services_analytical_applications_infrastructure, financial_services_compliance_regulatory_reporting, financial_services_funds_transfer_pricing, flexcube_private_banking, hospitality_guest_access, instantis_enterprisetrack, knowledge, peoplesoft_enterprise_human_capital_management_human_resources, peoplesoft_enterprise_peopletools, policy_automation_connector_for_siebel, primavera_gateway, primavera_unifier, rapid_planning, real-time_decision_server, retail_order_broker, retail_xstore_point_of_service, secure_global_desktop, tuxedo, webcenter_portal)

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

View Full Alert

Leave a Reply