Описание
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
Отчет
Not vulnerable. Apache ActiveMQ is not shipped with any supported Red Hat products.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-352
https://bugzilla.redhat.com/show_bug.cgi?id=580889ActiveMQ: CSRF in createDestination
EPSS
Процентиль: 63%
0.00437
Низкий
5.8 Medium
CVSS2
Связанные уязвимости
nvd
почти 16 лет назад
Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action.
EPSS
Процентиль: 63%
0.00437
Низкий
5.8 Medium
CVSS2