First published: Thu Aug 02 2018(Updated: )
Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.
Credit: security@apache.org security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Axis | >=1.0<=1.4 | |
Oracle Agile Engineering Data Management | =6.2.1.0 | |
Oracle Agile Product Lifecycle Management Framework | =9.3.3 | |
Oracle Application Testing Suite | =13.2.0.1 | |
Oracle Application Testing Suite | =13.3.0.1 | |
Oracle Big Data Discovery | =1.6 | |
Oracle Communications Asap Cartridges | =7.2 | |
Oracle Communications Asap Cartridges | =7.3 | |
Oracle Communications Design Studio | =7.3.4.3.0 | |
Oracle Communications Design Studio | =7.3.5.5.0 | |
Oracle Communications Design Studio | =7.4.0.4.0 | |
Oracle Communications Design Studio | =7.4.1.1.0 | |
Oracle Communications Element Manager | =8.0.0 | |
Oracle Communications Element Manager | =8.1.0 | |
Oracle Communications Element Manager | =8.1.1 | |
Oracle Communications Element Manager | =8.2.0 | |
Oracle Communications Network Integrity | =7.3.5 | |
Oracle Communications Network Integrity | =7.3.6 | |
Oracle Communications Order and Service Management | =7.3.0.0.0 | |
Oracle Communications Order and Service Management | =7.4 | |
Oracle Communications Session Report Manager | =8.0.0 | |
Oracle Communications Session Report Manager | =8.1.0 | |
Oracle Communications Session Report Manager | =8.1.1 | |
Oracle Communications Session Report Manager | =8.2.0 | |
Oracle Communications Session Route Manager | =8.0.0 | |
Oracle Communications Session Route Manager | =8.1.0 | |
Oracle Communications Session Route Manager | =8.1.1 | |
Oracle Communications Session Route Manager | =8.2.0 | |
Oracle Endeca Information Discovery Studio | =3.2.0 | |
Oracle Enterprise Manager Base Platform | =12.1.0.5 | |
Oracle Enterprise Manager Base Platform | =13.3.0.0 | |
Oracle Enterprise Manager For Fusion Middleware | =12.1.0.5 | |
Oracle Financial Services Analytical Applications Infrastructure | >=7.3.3<=7.3.5 | |
Oracle Financial Services Analytical Applications Infrastructure | >=8.0.0<=8.0.8 | |
Oracle Financial Services Compliance Regulatory Reporting | >=8.0.6<=8.0.8 | |
Oracle Financial Services Funds Transfer Pricing | >=8.0.2<=8.0.7 | |
Oracle FLEXCUBE Core Banking | =11.7.0 | |
Oracle FLEXCUBE Core Banking | =11.8.0 | |
Oracle FLEXCUBE Core Banking | =11.9.0 | |
Oracle FLEXCUBE Core Banking | =11.10.0 | |
Oracle FLEXCUBE Private Banking | =12.0.0 | |
Oracle FLEXCUBE Private Banking | =12.1.0 | |
Oracle Hospitality Guest Access | =4.2.0 | |
Oracle Hospitality Guest Access | =4.2.1 | |
Oracle Instantis Enterprisetrack | =17.1 | |
Oracle Instantis Enterprisetrack | =17.2 | |
Oracle Instantis Enterprisetrack | =17.3 | |
Oracle Internet Directory | =12.2.1.3.0 | |
Oracle Internet Directory | =12.2.1.4.0 | |
Oracle Knowledge | >=8.6.0<=8.6.3 | |
Oracle Peoplesoft Enterprise Human Capital Management Human Resources | =9.2 | |
Oracle PeopleSoft Enterprise PeopleTools | =8.56 | |
Oracle PeopleSoft Enterprise PeopleTools | =8.57 | |
Oracle PeopleSoft Enterprise PeopleTools | =8.58 | |
Oracle Policy Automation Connector For Siebel | =10.4.6 | |
Oracle Primavera Gateway | =16.2.11 | |
Oracle Primavera Gateway | =17.12.6 | |
Oracle Primavera Unifier | >=17.7<=17.12 | |
Oracle Primavera Unifier | =16.1 | |
Oracle Primavera Unifier | =16.2 | |
Oracle Primavera Unifier | =18.8 | |
Oracle Primavera Unifier | =19.12 | |
Oracle Rapid Planning | =12.1 | |
Oracle Rapid Planning | =12.2 | |
Oracle Real-time Decision Server | =3.2.1.0 | |
Oracle Retail Order Broker | =15.0 | |
Oracle Retail Order Broker | =16.0 | |
Oracle Retail Order Broker | =18.0 | |
Oracle Retail Xstore Point of Service | =7.1 | |
Oracle Secure Global Desktop | =5.4 | |
Oracle Secure Global Desktop | =5.5 | |
Oracle Siebel Ui Framework | <=21.0 | |
Oracle Tuxedo | =12.1.1.0.0 | |
Oracle Tuxedo | =12.1.3 | |
Oracle WebCenter Portal | =12.2.1.3.0 | |
Debian Debian Linux | =9.0 | |
maven/axis:axis | <=1.4 | |
maven/org.apache.axis:axis | <=1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.