You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by "robert lazarski (JIRA)" <ax...@ws.apache.org> on 2018/02/14 15:10:00 UTC
[jira] [Closed] (AXIS-2917) please provide the official versions of
axis2 in which these CVE-2012-4232,CVE-2012-4231 vulnerabilities are fixed
[ https://issues.apache.org/jira/browse/AXIS-2917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
robert lazarski closed AXIS-2917.
---------------------------------
Resolution: Invalid
Both those CVE's seem to be for JCore and PHP, the description in the issues show "SQL injection vulnerability in admin/index.php in jCore" and "Cross-site scripting (XSS) vulnerability in admin/index.php in jCore" .
You mentioned axis2 but this issue was created in the Jira for axis 1.x,
Anyways, these type of questions are for the mailing list, not a bug tracker.
Marking the issue as invalid.
> please provide the official versions of axis2 in which these CVE-2012-4232,CVE-2012-4231 vulnerabilities are fixed
> ------------------------------------------------------------------------------------------------------------------
>
> Key: AXIS-2917
> URL: https://issues.apache.org/jira/browse/AXIS-2917
> Project: Axis
> Issue Type: Bug
> Reporter: Ajay Kumar
> Priority: Critical
>
> Hi,
> kindly provide details about the official version of axis2 which contains fixes for the following security vulnerabilities. If not fixed, then please share information regarding the time line for the fix.
> CVE-2012-4232
> CVE-2012-4231
> Best Regards,
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org