Описание
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
Отчет
Not vulnerable. Apache ActiveMQ is not shipped with any supported Red Hat products.
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=587417ActiveMQ JSP source disclosure
EPSS
Процентиль: 99%
0.75383
Высокий
Связанные уязвимости
nvd
почти 16 лет назад
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
github
больше 3 лет назад
Apache ActiveMQ Sensitive Information Disclosure via the Jetty ResourceHandler
EPSS
Процентиль: 99%
0.75383
Высокий