FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Axis2 -- Cross-site scripting (XSS) vulnerability

Affected packages
axis2 < 1.7.3

Details

VuXML ID 0baadc45-92d0-11e6-8011-005056925db4
Discovery 2010-10-18
Entry 2016-10-18

Apache Axis2 reports:

Apache Axis2 1.7.3 is a security release that contains a fix for CVE-2010-3981. That security vulnerability affects the admin console that is part of the Axis2 Web application and was originally reported for SAP BusinessObjects (which includes a version of Axis2). That report didn’t mention Axis2 at all and the Axis2 project only recently became aware (thanks to Devesh Bhatt and Nishant Agarwala) that the issue affects Apache Axis2 as well.

References

CVE Name CVE-2010-3981
FreeBSD PR ports/213546
URL http://axis.apache.org/axis2/java/core/release-notes/1.7.3.html