{"id":"CVE-2018-8032","details":"Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.","aliases":["GHSA-96jq-75wh-2658"],"modified":"2026-03-15T22:26:35.903917Z","published":"2018-08-02T13:29:00.363Z","related":["MGASA-2018-0431","SUSE-SU-2018:3118-1","SUSE-SU-2018:3119-1","SUSE-SU-2018:3121-1","openSUSE-SU-2024:10646-1"],"references":[{"type":"WEB","url":"http://mail-archives.apache.org/mod_mbox/axis-java-dev/201807.mbox/%3CJIRA.13170716.1531060536000.93536.1531060560060%40Atlassian.JIRA%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/3b89bc9e9d055db7eba8835ff6501f3f5db99d2a0928ec0be9b1d17b%40%3Cjava-dev.axis.apache.org%3E"},{"type":"WEB","url":"https://lists.apache.org/thread.html/d06ed5e4eeb77d00e8d594ec01ee8ee1cba173a01ac4b18f1579d041%40%3Cjava-dev.axis.apache.org%3E"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00015.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujan2020.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"type":"ADVISORY","url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"type":"FIX","url":"https://issues.apache.org/jira/browse/AXIS-2924"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"1.0"},{"last_affected":"1.4"}]},{"events":[{"introduced":"0"},{"last_affected":"6.2.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.3.3"}]},{"events":[{"introduced":"0"},{"last_affected":"13.2.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.3.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3.4.3.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3.5.5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4.0.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4.1.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"8.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3.0.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"8.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"8.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"3.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1.0.5"}]},{"events":[{"introduced":"0"},{"last_affected":"13.3.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1.0.5"}]},{"events":[{"introduced":"7.3.3"},{"last_affected":"7.3.5"}]},{"events":[{"introduced":"8.0.0"},{"last_affected":"8.0.8"}]},{"events":[{"introduced":"8.0.6"},{"last_affected":"8.0.8"}]},{"events":[{"introduced":"8.0.2"},{"last_affected":"8.0.7"}]},{"events":[{"introduced":"0"},{"last_affected":"11.7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"4.2.0"}]},{"events":[{"introduced":"0"},{"last_affected":"4.2.1"}]},{"events":[{"introduced":"0"},{"last_affected":"17.1"}]},{"events":[{"introduced":"0"},{"last_affected":"17.2"}]},{"events":[{"introduced":"0"},{"last_affected":"17.3"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.1.3.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.1.4.0"}]},{"events":[{"introduced":"8.6.0"},{"last_affected":"8.6.3"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.56"}]},{"events":[{"introduced":"0"},{"last_affected":"8.57"}]},{"events":[{"introduced":"0"},{"last_affected":"8.58"}]},{"events":[{"introduced":"0"},{"last_affected":"10.4.6"}]},{"events":[{"introduced":"0"},{"last_affected":"16.2.11"}]},{"events":[{"introduced":"0"},{"last_affected":"17.12.6"}]},{"events":[{"introduced":"17.7"},{"last_affected":"17.12"}]},{"events":[{"introduced":"0"},{"last_affected":"16.1"}]},{"events":[{"introduced":"0"},{"last_affected":"16.2"}]},{"events":[{"introduced":"0"},{"last_affected":"18.8"}]},{"events":[{"introduced":"0"},{"last_affected":"19.12"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2"}]},{"events":[{"introduced":"0"},{"last_affected":"3.2.1.0"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.0"}]},{"events":[{"introduced":"0"},{"last_affected":"18.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.5"}]},{"events":[{"introduced":"0"},{"last_affected":"21.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1.1.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.1.3.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-8032.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}