Apache ActiveMQ webconsole admin GUI is open to XSS
Moderate severity
GitHub Reviewed
Published
May 21, 2020
to the GitHub Advisory Database
•
Updated Mar 14, 2024
Package
Affected versions
>= 5.0.0, < 5.15.12
Patched versions
5.15.12
Description
Published by the National Vulnerability Database
May 14, 2020
Reviewed
May 21, 2020
Published to the GitHub Advisory Database
May 21, 2020
Last updated
Mar 14, 2024
In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue.
References