robert lazarski closed AXIS-2917.
    Resolution: Invalid

Both those CVE's seem to be for JCore and PHP, the description in the issues 
show "SQL injection vulnerability in admin/index.php in jCore" and "Cross-site 
scripting (XSS) vulnerability in admin/index.php in jCore" .

You mentioned axis2 but this issue was created in the Jira for axis 1.x,

Anyways, these type of questions are for the mailing list, not a bug tracker.

Marking the issue as invalid.


> please provide the official versions of axis2 in which these 
> CVE-2012-4232,CVE-2012-4231 vulnerabilities are fixed
> ------------------------------------------------------------------------------------------------------------------
>                 Key: AXIS-2917
>                 URL: https://issues.apache.org/jira/browse/AXIS-2917
>             Project: Axis
>          Issue Type: Bug
>            Reporter: Ajay Kumar
>            Priority: Critical
> Hi,
> kindly provide details about the official version of axis2 which contains 
> fixes for the following security vulnerabilities. If not fixed, then please 
> share information regarding the time line for the fix. 
> CVE-2012-4232
> CVE-2012-4231
> Best Regards,

This message was sent by Atlassian JIRA

To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org
For additional commands, e-mail: java-dev-h...@axis.apache.org

Reply via email to