Vulnerabilities > Apache > Juddi > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-19 | CVE-2009-4267 | Improper Encoding or Escaping of Output vulnerability in Apache Juddi 3.0.0 The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter. | 6.5 |
| 2017-10-30 | CVE-2009-1198 | Cross-site Scripting vulnerability in Apache Juddi Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the dsname parameter to happyjuddi.jsp. | 6.1 |
| 2017-10-30 | CVE-2009-1197 | Improper Input Validation vulnerability in Apache Juddi 0.9/2.0 Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp. | 5.3 |
| 2017-05-19 | CVE-2015-5241 | Open Redirect vulnerability in Apache Juddi After logging into the portal, the logout jsp page redirects the browser back to the login page after. | 6.1 |