[ https://issues.apache.org/jira/browse/AXIS-2917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
robert lazarski closed AXIS-2917. --------------------------------- Resolution: Invalid Both those CVE's seem to be for JCore and PHP, the description in the issues show "SQL injection vulnerability in admin/index.php in jCore" and "Cross-site scripting (XSS) vulnerability in admin/index.php in jCore" . You mentioned axis2 but this issue was created in the Jira for axis 1.x, Anyways, these type of questions are for the mailing list, not a bug tracker. Marking the issue as invalid. > please provide the official versions of axis2 in which these > CVE-2012-4232,CVE-2012-4231 vulnerabilities are fixed > ------------------------------------------------------------------------------------------------------------------ > > Key: AXIS-2917 > URL: https://issues.apache.org/jira/browse/AXIS-2917 > Project: Axis > Issue Type: Bug > Reporter: Ajay Kumar > Priority: Critical > > Hi, > kindly provide details about the official version of axis2 which contains > fixes for the following security vulnerabilities. If not fixed, then please > share information regarding the time line for the fix. > CVE-2012-4232 > CVE-2012-4231 > Best Regards, -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org For additional commands, e-mail: java-dev-h...@axis.apache.org