Описание
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| activemq | fixed | 5.14.2+dfsg-1 | package |
Примечания
Admin console not enabled in the Debian package, see #702670
http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt
http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000245.html
https://jvn.jp/en/jp/JVN78980598/index.html
EPSS
Связанные уязвимости
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
Improper Neutralization of Input During Web Page Generation Apache ActiveMQ
EPSS