CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services.

**Details**

*   **Type: **![](https://issues.apache.org/jira/secure/viewavatar?size=xsmall&avatarId=21133&avatarType=issuetype "Bug - A problem which impairs or prevents the functions of the product.") Bug
    
*   **Status:** Resolved
    
*   **Priority: **![](https://issues.apache.org/jira/images/icons/priorities/major.svg "Major - Major loss of function.") Major
    
*   **Resolution:** Fixed
    
*   **Affects Version/s:** None
    
*   **Fix Version/s:** None
    
*   **Component/s:** None
    
*   **Labels:**
    
    None
    

**Description**

I built the trunk and can confirm the fix. See below:

r1831943 | veithen | 2018-05-20 14:10:32 -0600 (Sun, 20 May 2018) | 1 line

Correctly escape namespace URIs in namespace declarations.

Trunk link with maven builds:

https://travis-ci.org/apache/axis1-java 

**Attachments**

**Activity**

Headline

CVE-2018-8032: [AXIS-2924] CVE-2018-8032 XSS vulnerability - ASF JIRA

CVE: Latest News