Описание
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss A-MQ 6 | mq-web-console | Affected | ||
| Red Hat JBoss Fuse 6 | activemq | Not affected | ||
| Red Hat JBoss Fuse Service Works 6 | activemq | Under investigation | ||
| Red Hat OpenShift Enterprise 2 | activemq | Under investigation |
Показывать по
Дополнительная информация
Статус:
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Связанные уязвимости
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation.
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scri ...
Improper Neutralization of Input During Web Page Generation Apache ActiveMQ
6.1 Medium
CVSS3
4.3 Medium
CVSS2