CVE-2009-4267

CVE-2009-4267

EPSS 1.5%

The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter.

Produtos afetados

Apache Software Foundation · jUDDI

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://juddi.apache.org/security.html http://mail-archives.apache.org/mod_mbox/juddi-user/201802.mbox/raw/%3C0F272EE1-E2B4-4016-8C5D-F76ABDD12D18%40gmail.com%3E