Published: 27/05/2010 Updated: 10/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote malicious users to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apache axis2 1.4.1
apache axis2 1.5.1

PR10-03 Authenticated Cross-Site Scripting Vulnerability (XSS) within Apache Axis2 administration console Source: wwwprocheckupcom/vulnerability_manager/vulnerabilities/pr10-03 Advisory publicly released: Friday, 21 May 2010 Vulnerability found: Saturday, 30 January 2010 Severity level: Medium Credits Richard Brain of ProCheckUp Ltd ...

CWE-79 http://osvdb.org/64844 http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-03 http://www.exploit-db.com/exploits/12689 http://www.vupen.com/english/advisories/2010/1215 http://www.securityfocus.com/bid/40327 http://secunia.com/advisories/39906 http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf https://kb.juniper.net/KB27373 https://exchange.xforce.ibmcloud.com/vulnerabilities/58790 http://www.securityfocus.com/archive/1/511404/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/12689/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2103

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect