Описание
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | 5.15.8-2~18.04 |
| cosmic | not-affected | 5.15.8-2~18.04 |
| devel | not-affected | 5.15.8-2 |
| disco | not-affected | 5.15.8-2 |
| eoan | not-affected | 5.15.8-2 |
| esm-apps/bionic | not-affected | 5.15.8-2~18.04 |
| esm-apps/focal | not-affected | 5.15.8-2 |
| esm-apps/jammy | not-affected | 5.15.8-2 |
| esm-apps/noble | not-affected | 5.15.8-2 |
| esm-apps/xenial | needed |
Показывать по
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.
An instance of a cross-site scripting vulnerability was identified to ...
Apache ActiveMQ web console vulnerable to Cross-site Scripting
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3