CVE-2009-4267

CVE-2009-4267

EPSS 1.5%

The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.

Affected products

Apache Software Foundation · jUDDI

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://juddi.apache.org/security.html http://mail-archives.apache.org/mod_mbox/juddi-user/201802.mbox/raw/%3C0F272EE1-E2B4-4016-8C5D-F76ABDD12D18%40gmail.com%3E