Home

CVE-2018-8035

Description

This vulnerability relates to the users browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the users browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code.

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
3.753

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2018-8035 are fixed in Apache - uima-ducc-web 3.0.0Windows
Vulnerabilities CVE-2018-8035 are fixed in Apache - uima-ducc-web for Linux 3.0.0Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234