CVE-2018-8035

Name of the Vulnerable Software and Affected Versions: Apache UIMA DUCC versions 2.2.2 and earlier

Description: The issue arises from insufficient filtering of user-supplied inputs in the javascript code of Apache UIMA DUCC, potentially leading to the unintended execution of user-supplied javascript code in the user's browser.

Recommendations: For Apache UIMA DUCC versions 2.2.2 and earlier, update to a version that properly filters user inputs to prevent unintended javascript code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.