CVE-2010-2103

EUVD-2022-1898
Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter.  NOTE: some of these details are obtained from third party information.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
apacheaxis2
1.4.1
apacheaxis2
1.5.1
apacheaxis2
1.4.1
apacheaxis2
1.5.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
axis
bookworm
1.4-28+deb12u1
fixed
bullseye
1.4-28+deb11u1
fixed
sid
1.4-29
fixed
trixie
1.4-29
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
axis
dapper
dne
hardy
ignored
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
ignored
natty
ignored
oneiric
not-affected
precise
not-affected
quantal
not-affected
Common Weakness Enumeration
References
http://osvdb.org/64844
http://secunia.com/advisories/39906
http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf
http://www.exploit-db.com/exploits/12689
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-03
http://www.securityfocus.com/archive/1/511404/100/0/threaded
http://www.securityfocus.com/bid/40327
http://www.vupen.com/english/advisories/2010/1215
https://exchange.xforce.ibmcloud.com/vulnerabilities/58790
https://kb.juniper.net/KB27373
http://osvdb.org/64844
http://secunia.com/advisories/39906
http://spl0it.org/files/talks/source_barcelona10/Hacking%20SAP%20BusinessObjects.pdf
http://www.exploit-db.com/exploits/12689
http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-03
http://www.securityfocus.com/archive/1/511404/100/0/threaded
http://www.securityfocus.com/bid/40327
http://www.vupen.com/english/advisories/2010/1215
https://exchange.xforce.ibmcloud.com/vulnerabilities/58790
https://kb.juniper.net/KB27373