Spring Framework CVE-2018-11039 Cross Site Scripting Vulnerability

Bugtraq ID: 107984
Class: Input Validation Error
CVE: CVE-2018-11039
Remote: Yes
Local: No
Published: Apr 17 2019 12:00AM
Updated: Apr 17 2019 12:00AM
Credit: The vendor reported this issue.
Vulnerable: Pivotal Spring Framework 5.0.6
Pivotal Spring Framework 5.0.5
Pivotal Spring Framework 5.0.4
Pivotal Spring Framework 5.0.3
Pivotal Spring Framework 5.0.2
Pivotal Spring Framework 5.0.1
Pivotal Spring Framework 5.0
Pivotal Spring Framework 4.3.17
Pivotal Spring Framework 4.3.16
Pivotal Spring Framework 4.3.15
Pivotal Spring Framework 4.3.14
Pivotal Spring Framework 4.3
Pivotal Spring Framework 4.2.2
Pivotal Spring Framework 4.2.1
Pivotal Spring Framework 4.2
Pivotal Spring Framework 4.1.8
Pivotal Spring Framework 4.1.7
Pivotal Spring Framework 4.0.7
Pivotal Spring Framework 4.0.6
Pivotal Spring Framework 3.2.15
Pivotal Spring Framework 3.2.14
Pivotal Spring Framework 3.2.13
Pivotal Spring Framework 3.2.12
Pivotal Spring Framework 3.2.11
Pivotal Spring Framework 3.2.10
Pivotal Spring Framework 3.2.9
Pivotal Spring Framework 3.2.7
Pivotal Spring Framework 3.2.5
Pivotal Spring Framework 3.2.4
Pivotal Spring Framework 3.2
Pivotal Spring Framework 3.0.5
Pivotal Spring Framework 3.0.4
Pivotal Spring Framework 4.1.1
Pivotal Spring Framework 4.1.0
Pivotal Spring Framework 4.0.5
Pivotal Spring Framework 4.0.4
Pivotal Spring Framework 4.0.3
Pivotal Spring Framework 4.0.2
Pivotal Spring Framework 4.0.1
Pivotal Spring Framework 4.0.0
Pivotal Spring Framework 3.2.8
Pivotal Spring Framework 3.2.6
Pivotal Spring Framework 3.2.3
Pivotal Spring Framework 3.2.2
Pivotal Spring Framework 3.2.1
Pivotal Spring Framework 3.1.4
Pivotal Spring Framework 3.1.3
Pivotal Spring Framework 3.1.2
Pivotal Spring Framework 3.1.1
Pivotal Spring Framework 3.1.0
Pivotal Spring Framework 3.0.7
Pivotal Spring Framework 3.0.6
Oracle Weblogic Server 12.1.3
Oracle Weblogic Server 10.3.6 0
Oracle Weblogic Server 12.2.1.3
Oracle Weblogic Server 12.1.3.0
Oracle Retail Integration Bus 14.1.2
Oracle Retail Financial Integration 16.0
Oracle Retail Financial Integration 15.0
Oracle Retail Financial Integration 14.1
Oracle Retail Financial Integration 14.0
Oracle Retail Financial Integration 13.2
Oracle Retail Customer Insights 16.0
Oracle Retail Customer Insights 15.0
Oracle Retail Assortment Planning 16.0
Oracle Retail Assortment Planning 15.0
Oracle Retail Assortment Planning 14.1
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle MICROS Lucas 2.9.5
Oracle Insurance Rules Palette 10.2
Oracle Insurance Rules Palette 10.0
Oracle Insurance Calculation Engine 10.2
Oracle Hospitality Guest Access 4.2.1
Oracle Hospitality Guest Access 4.2
Oracle Healthcare Master Person Index 4.0
Oracle Healthcare Master Person Index 3.0
Oracle FLEXCUBE Private Banking 2.2 1
Oracle FLEXCUBE Private Banking 2.0.0.0
Oracle FLEXCUBE Private Banking 12.1.0.0
Oracle FLEXCUBE Private Banking 12.0.3.0
Oracle FLEXCUBE Private Banking 12.0.1.0
Oracle Enterprise Manager Ops Center 12.3.3
Oracle Enterprise Manager for MySQL Database 13.2.3.0.0
Oracle Enterprise Manager for MySQL Database 13.2.2.0.0
Oracle Enterprise Manager for MySQL Database 13.2.1.0.0
Oracle Enterprise Manager Base Platform 13.3.0.0.0
Oracle Enterprise Manager Base Platform 13.2.0.0.0
Oracle Enterprise Manager Base Platform 12.1.0.5.0
Oracle Communications Unified Inventory Management 7.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Services Gatekeeper 6.0
Oracle Communications Services Gatekeeper 5.1
Oracle Communications Performance Intelligence Center (PIC) Software 10.2
Oracle Communications Performance Intelligence Center (PIC) Software 10.1.5.1
Oracle Communications Diameter Signaling Router 7.1
Oracle Communications Diameter Signaling Router 6.0.2
Oracle Communications Diameter Signaling Router 6.0
Oracle Communications Diameter Signaling Router 5.1
Oracle Communications Diameter Signaling Router 4.1.6
Oracle Communications Diameter Signaling Router 4.1
Oracle Communications Diameter Signaling Router 8.0
Oracle Communications Diameter Signaling Router 7.0
Oracle Communications Diameter Signaling Router 5.0
Oracle Communications Diameter Signaling Router 4.0
Oracle Communications Diameter Signaling Router 3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 12.5.0.3
Oracle Agile PLM 9.3.5
Oracle Agile PLM 9.3.3
Oracle Agile PLM 9.3.6
Oracle Agile PLM 9.3.4
Not Vulnerable: Pivotal Spring Framework 5.0.7
Pivotal Spring Framework 4.3.18
Oracle Communications Services Gatekeeper 6.1.0.4.0
Oracle Communications Performance Intelligence Center (PIC) Software 10.2.1
Oracle Communications Diameter Signaling Router 8.3


 

Copyright 2010, SecurityFocus