Lucene search

K
osvGoogleOSV:CVE-2018-8035
HistoryMay 01, 2019 - 9:29 p.m.

CVE-2018-8035

2019-05-0121:29:00
Google
osv.dev
4
cve-2018-8035
apache uima ducc
browser processing
input data
user supplied inputs
javascript code

AI Score

7.1

Confidence

Low

EPSS

0.005

Percentile

76.7%

This vulnerability relates to the user’s browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user’s browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code.

AI Score

7.1

Confidence

Low

EPSS

0.005

Percentile

76.7%