[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] [CVE-2020-1941] XSS in ActiveMQ WebConsole
From: Jean-Baptiste Onofre <jb () nanthrax ! net>
Date: 2020-05-14 5:25:05
Message-ID: DC7932BA-215B-48C8-844E-5EFC06EE609C () nanthrax ! net
[Download RAW message or body]
CVE-2020-1941 - XSS in WebConsole
Severity: Medium
Vendor:
The Apache Software Foundation
Versions Affected:
Apache ActiveMQ 5.0.0 - 5.15.11
Description:
The webconsole admin GUI is open to XSS, in the view that lists the contents of a queue.
Mitigation:
Upgrade to Apache ActiveMQ 5.15.12.
Credit:
This issue was discovered by:
* Przemysław Kowalski <przemyslawk@stmsolutions.pl>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic