N/A

This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code.

N/A

N/A

Apache UIMA DUCC 跨站脚本漏洞

Apache UIMA DUCC是美国阿帕奇（Apache）软件基金会的一套集群管理系统。该系统提供工具，管理和调度工具。 Apache UIMA DUCC 2.2.2及之前版本中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

N/A

N/A